Report - cdgaeja.mypersnaloffer.com/c/370bb16a399ca?subsource=naughtysis1

Report Overview

Visited public
2025-01-19 06:29:01
Tags
Submit Tags
URL
cdgaeja.mypersnaloffer.com/c/370bb16a399ca?subsource=naughtysis1
Finishing URL
charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050
IP / ASN
5.104.107.248
#24961 WIIT AG
Title
Charmfling – website for meetings! Communication without limits

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s.pemsrv.com	unknown	2023-08-01	2023-08-04	2025-01-17	560 B	436 B	95.211.229.247
syndication.realsrv.com	9112	2019-02-07	2019-07-03	2025-01-18	573 B	419 B	95.211.229.245
datetrackservice.com	184156	2021-07-19	2021-08-03	2025-01-13	413 B	1.5 kB	23.111.80.246
charmfling.com	unknown	2022-11-07	2023-01-05	2025-01-16	7.7 kB	227 kB	185.106.140.114
mrlscr.com	unknown	2018-05-07	2018-09-22	2025-01-13	8.1 kB	98 kB	34.90.10.178
images.mrlscr.com	unknown	2018-05-07	2023-12-24	2025-01-13	1.8 kB	239 kB	104.21.14.47
overdates.com	236913	2019-11-21	2019-11-22	2025-01-13	849 B	2.8 kB	23.111.80.246
s.zlinkp.com	unknown	2024-08-12	2024-09-12	2025-01-13	560 B	436 B	95.211.229.247
cdn.icalendars.app	unknown	2020-11-24	2022-11-02	2025-01-13	413 B	123 kB	104.21.32.1
myblackkarma.com	unknown	2024-03-06	2024-03-07	2025-01-13	626 B	73 kB	116.203.80.157
node.phts.io	unknown	2015-03-10	2015-12-19	2025-01-13	566 B	391 B	172.255.233.92
api.icalendars.app	unknown	2020-11-24	2022-09-19	2025-01-13	1.6 kB	8.7 kB	34.90.134.29
p.phts.io	487227	2015-03-10	2017-11-14	2025-01-19	961 B	152 kB	104.26.5.67
s.magsrv.com	unknown	2023-08-01	2023-08-04	2025-01-16	560 B	436 B	95.211.229.245
s.orbsrv.com	unknown	2020-05-16	2020-09-02	2025-01-18	560 B	436 B	95.211.229.247
s.opoxv.com	53756	2019-12-02	2019-12-13	2025-01-19	561 B	417 B	95.211.229.245
cdgaeja.mypersnaloffer.com	unknown	2024-11-06	2024-12-15	2024-12-24	2.6 kB	1.1 kB	5.104.107.248
static.charmfling.com	unknown	2022-11-07	2023-03-23	2025-01-16	41 kB	427 kB	104.21.51.197
m.charmfling.com	unknown	2022-11-07	2023-03-23	2025-01-17	647 B	44 kB	185.106.140.114
domdengo.com	unknown	2023-06-16	2023-06-16	2025-01-13	959 B	1.2 kB	34.90.10.178

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-01-19 06:28:38	low	172.255.233.92	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2025-01-19 06:28:38	low	172.255.233.92	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (46)

	URL	From	Size	First Seen	Last Seen
	static.charmfling.com/desktop/doAction-2eb2f86630.min.js	ScriptElement	550 B	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/doAction-2eb2f86630.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen706 Hash 0088157bda1d4c1955f575e245887c1d 4e04a3194450f26379aa6cc39a24ed977f3622f6 1df8e7f3dcee8872a3877590288b709c8381bdbfc5a20a842bbaed9c795a2996 Loading...

	mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com	ScriptElement	0 B	0001-01-01	2025-07-03
Pretty URL mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com IP 34.90.10.178 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-03 01:41 Times Seen5253248 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050	ScriptElement	478 B	2025-01-19	2025-01-19
Pretty URL charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 IP 185.106.140.114 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-19 06:29 Last Seen2025-01-19 06:29 Times Seen1 Hash 523bb118050380cb29d2e2c29976b8e0 8f64d106781105107f7d50f40f56b8aa1be93bf1 8d2888791ec56bb16d23e5cf845821b35eaad8966144458f5bd460867cec772a Loading...

	datetrackservice.com/imomk?uid=831400050	ScriptElement	1 B	2023-03-07	2025-07-03
Pretty URL datetrackservice.com/imomk?uid=831400050 IP 23.111.80.246 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-07-03 01:31 Times Seen40637 Hash c4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Loading...

	static.charmfling.com/desktop/helper-5ef962b299.min.js	ScriptElement	597 B	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/helper-5ef962b299.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen627 Hash 99ce2b6dc0e32183b5fb48126f6cd31e c44fa9db6b33097d3acf2270f462b04cf26316d7 c4ed9b518fedd12fca8c995466e3592b09bccd10f8625d9bff6aaa6af59cd2c3 Loading...

	domdengo.com/js/jnk.js?user_id=831400050&pe=40350&sub_id=4358319617&domain=domdengo.com	ScriptElement	558 B	2023-06-19	2025-07-02
Pretty URL domdengo.com/js/jnk.js?user_id=831400050&pe=40350&sub_id=4358319617&domain=domdengo.com IP 34.90.10.178 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-19 19:36 Last Seen2025-07-02 03:49 Times Seen698 Hash e80aab32f31c6ec6b94feb326873fbf5 f10934c8b547ff155b2947f9304de95115a1741f 50f81baba803baa611d3960893986107d2d5761bfe408d34c9ff715a0c8cc077 Loading...

	static.charmfling.com/desktop/Dialog-4a654aa44a.min.js	ScriptElement	3.0 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/Dialog-4a654aa44a.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen705 Hash 74fac16ce98f830735eb29fec82a9078 dd084c65bbb05baab85ed3b1326a0eb611d2e6d5 608c7362084b55ecec6c4a523ad981d940e2b510bc5f0c75485f63b9ec74f945 Loading...

	static.charmfling.com/desktop/adFramesHandler-7da1db1d69.min.js	ScriptElement	570 B	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/adFramesHandler-7da1db1d69.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen663 Hash f644e1114e4fbbd2e1b0abb300a1ab37 c64de86540d40b98a580527ed6f2eacee3e9972b 58208bc839e7ec257e621cb1310edcb24167107048241c7b910a0dc94859a938 Loading...

	charmfling.com/reqcid?req_cid=23a16a054269feffa6289016bdeaa0fe	ScriptElement	0 B	0001-01-01	2025-07-03
Pretty URL charmfling.com/reqcid?req_cid=23a16a054269feffa6289016bdeaa0fe IP 185.106.140.114 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-03 01:41 Times Seen5253248 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	EventHandler	7 B	2023-10-21	2025-07-02
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-10-21 10:25 Last Seen2025-07-02 03:49 Times Seen463 Hash 9dc2c1b775ad731cd31865fe71c8763c b295ba3a088a2749141ef4d930011cb33bc650ec b853a54c6e508d21b8cf8d7a8bef773f6a36084f9eed2d7049f307831165fba4 Loading...

	static.charmfling.com/desktop/chatPoll-79896c1668.min.js	ScriptElement	2.0 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/chatPoll-79896c1668.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen654 Hash 28f9fe7384356399a37cb3f20c475e48 c79f8cc90f4d2ddbf7562beb247d76e21d5b8303 4c23db85de6e053b41ae190f1cf69bc9e29ed4ed3f08b8028ea5320e7a8d0ccb Loading...

	static.charmfling.com/desktop/modal-e85a38a7d9.min.js	ScriptElement	1.2 kB	2023-09-23	2025-04-26
Pretty URL static.charmfling.com/desktop/modal-e85a38a7d9.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 18:07 Last Seen2025-04-26 09:07 Times Seen569 Hash e7f24462aff08a35b382925f1bb720dd 65fe2a97004f1808fa81a35ef2bd2148977e7a25 79c953970b70e7d2dbd9665a0e3d1d83ca69580d29063d650f488355e5845651 Loading...

	static.charmfling.com/desktop/ProfileCityAction-dd0953a796.min.js	ScriptElement	2.4 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/ProfileCityAction-dd0953a796.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen637 Hash 54c6b61f49a697c9370a5379811ff7cb cbefbe3dd37cfc5db004610bf7c14931ee1d4a36 8746c9b6ff517173b0c20db525b8dcaf93e893cb04c3b1368149a94cf30c94ba Loading...

	static.charmfling.com/desktop/resizeModule-3df307e03b.min.js	ScriptElement	499 B	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/resizeModule-3df307e03b.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen639 Hash ed5c222e0783fe1562aa6bb3c63cf7ac 79e585245e563769521ee4d384b95b938813f2f1 47b3f64e008a4b0a4ea8264d4b42611a6e94cc09f9f5a47c383fa346f0179ba7 Loading...

	static.charmfling.com/desktop/bLazy-ff72535614.min.js	ScriptElement	4.3 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/bLazy-ff72535614.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen637 Hash 94190abfc9a141512a2b66c8b060a13a fa36ff8968b13b5f728bf45fceeb30eed2ab0013 dca554ed0654089eeefc64822f9dc16c7cbcf8bd3708d16782659c34ab54f0fa Loading...

	static.charmfling.com/desktop/notificationsCenter-161c11c51f.min.js	ScriptElement	2.7 kB	2023-08-10	2025-07-02
Pretty URL static.charmfling.com/desktop/notificationsCenter-161c11c51f.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-10 20:07 Last Seen2025-07-02 03:49 Times Seen617 Hash 90a035ba440e6a66fd37208a417edb7d 8aba4adb80c9995e97709e4b6406b82d1cf473b9 1156df0754d6fa53c2de7766e8eae1101f29e80a43a106fee0b62efe3b0205e8 Loading...

	charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050	ScriptElement	140 B	2023-08-16	2025-05-31
Pretty URL charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 IP 185.106.140.114 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-16 09:23 Last Seen2025-05-31 18:16 Times Seen159 Hash 590b0971e1ff25747cfdfcc3b1c0ca69 5ef3cd19a6bff8586d0a967772a76627046d09ae 71fcd1c4c95417cdf2efdee5f16591b58096f61076c001d7c33988ab155061b4 Loading...

	static.charmfling.com/desktop/browser-8288e3819e.min.js	ScriptElement	1.5 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/browser-8288e3819e.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen705 Hash 9a74b2df010f779152fc94edb303e489 fbdeaa04fbe28be710b5f9d4df2c3dfc48711d37 1e735672a1bca60efa18caa3a2ae182ae81c041c554baf30cc16a5d8fdb73c22 Loading...

	static.charmfling.com/desktop/globalEventsSystem-c7f722e0a1.min.js	ScriptElement	3.3 kB	2023-08-04	2025-07-02
Pretty URL static.charmfling.com/desktop/globalEventsSystem-c7f722e0a1.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-04 20:18 Last Seen2025-07-02 03:49 Times Seen705 Hash 7f6f6bfc2ffec15335bc074e655e9197 9adda9c53991b7da569b92f11779aac5a71289ad d499f46b580855a805c4b5e6b0cfd2a4c5996cf37f70d159293792cf3463dfd2 Loading...

	charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050	ScriptElement	13 kB	2024-12-20	2025-01-19
Pretty URL charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 IP 185.106.140.114 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-20 09:19 Last Seen2025-01-19 23:22 Times Seen10 Hash 1046bb4a50a7d1a172851b0af0b5d079 a4c55f5c69a000052e656a0e8879087c2b0437b3 432d466b1f3a936e52a7aeee86c5137c9a3e3a165628097daab034d665ac8e8a Loading...

	static.charmfling.com/desktop/IndexAction-c25a3c0246.min.js	ScriptElement	6.2 kB	2024-10-13	2025-03-30
Pretty URL static.charmfling.com/desktop/IndexAction-c25a3c0246.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-13 15:58 Last Seen2025-03-30 05:04 Times Seen187 Hash c1bc09654f90240ef84fa492f5c41d49 a4fc4e4677b53d55102a9e7330cdb6a5dc082c34 5adbfc63fbbe8bb52d09cbc07e83761c2c27ac4bedbd42f0ce03c5dd3874de16 Loading...

	static.charmfling.com/desktop/mtdscollectemail-3bbfe6fe3c.min.js	ScriptElement	1.6 kB	2023-11-22	2025-07-02
Pretty URL static.charmfling.com/desktop/mtdscollectemail-3bbfe6fe3c.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 16:41 Last Seen2025-07-02 03:49 Times Seen512 Hash e7bfe7abd0db407b192c28fdb67fad0c 7f288342a296da661d1dc30402e6af22b546e9ed 75ee14638b70dc4a3986c872d57816652ad578ecd490ffaddb2b26db395a3c75 Loading...

	static.charmfling.com/desktop/DiscoveryFilters-c2db2accb3.min.js	ScriptElement	3.1 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/DiscoveryFilters-c2db2accb3.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen596 Hash 4ef78e8cd6c978c54244fe5510a67c1c 798cdd3dc246f17f9ddf14236b90a4ef7094b85e 12384f70758e3041d5ad204fefc4fa13cc82513dab142bbd0ee263d9ae641bcf Loading...

	static.charmfling.com/desktop/asyncPageLoad-5fa173d607.min.js	ScriptElement	6.6 kB	2024-11-13	2025-05-30
Pretty URL static.charmfling.com/desktop/asyncPageLoad-5fa173d607.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-13 17:40 Last Seen2025-05-30 09:17 Times Seen259 Hash a0db057ea89e75e4c0de0968a6eeb81f b6dabeb0f8449830d982b9b86e49ed9a681cb25f 8dc614436bea035ddb0564e6a54016a35bb970c46eb9595f3d93e2786cba221a Loading...

	static.charmfling.com/desktop/template7-ec91a93435.min.js	ScriptElement	6.5 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/template7-ec91a93435.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen645 Hash 427a3f181c07f1cc68004950dca15b12 22b38ce6d9b0e1af25ef15466ea55421255fc84c 3fdf0d75e642ac41eb15e986ccee3ccc84f859bcb39f414355a5bebc5952bc2b Loading...

	charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050	ScriptElement	1.7 kB	2025-01-19	2025-01-19
Pretty URL charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 IP 185.106.140.114 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-19 06:29 Last Seen2025-01-19 06:29 Times Seen1 Hash d9744e8baae7bcdef8129110ee75d549 4122d343b714bb5cc5408979006d5d9e8e734b36 e9fbe99643f690b5f173cb253fe56071542d6c63c5a89f903bcb28caccde83c0 Loading...

	static.charmfling.com/desktop/require-e4dbe06ebb.min.js?ver=charmfling.com	ScriptElement	18 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/require-e4dbe06ebb.min.js?ver=charmfling.com IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen709 Hash ffb5bc990714cdf0c40466c3eb10f87f 15d09f58bdd6405074039a1214914c8a25b00e74 592966ebd06468fcc8ddb05d36598139ae03a47733f5f36f43ea972ff6a5fe6a Loading...

	charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050	ScriptElement	932 B	2024-10-13	2025-07-02
Pretty URL charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 IP 185.106.140.114 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-13 15:58 Last Seen2025-07-02 03:49 Times Seen273 Hash a5e027e3846b97f52e21c6650e5c6f72 603dfd2fc35da3fb2055161a3ac89f2e17c7869b d1ccfa44c6f6786ef11c743fe4cace9f302c4bcb613df767aed43907e91d00a5 Loading...

	about:srcdoc#141	ScriptElement	3.0 kB	2024-10-13	2025-04-07
Pretty URL about:srcdoc#141 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-13 15:58 Last Seen2025-04-07 05:27 Times Seen200 Hash 671320bc66715586dc1a7c795cb2c180 805a3465fc1bf52f1acc80836668d864a36ea36a 0d203ac3ddf3a8ff91d459cbade463a8f54ff37cd3893080b0d3210df8baf59a Loading...

	static.charmfling.com/desktop/dom-83e622c736.min.js	ScriptElement	5.1 kB	2023-09-23	2025-07-02
Pretty URL static.charmfling.com/desktop/dom-83e622c736.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 18:07 Last Seen2025-07-02 03:49 Times Seen665 Hash c698bb03c366fbdc371c83291f65d646 9d093b9efbfcb36a47c2022d42f3fb7e25a6aa46 e2a7fb5141591c9fd960f0851e976eb78e197aaf7e6ecb4ca4037fa2c7a78e8c Loading...

	cdn.icalendars.app/sdk_product.js?v=12	ScriptElement	122 kB	2024-10-23	2025-02-02
Pretty URL cdn.icalendars.app/sdk_product.js?v=12 IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-23 22:23 Last Seen2025-02-02 06:33 Times Seen147 Hash b7a3653a4c91e28d6c1f6381033fa9bd bc605bb85bc0f61c4c198fd4e63bbfe7b19df841 f17e84625e0920d7d2d06d60c8474750f90251a4042a0d522329f28b80028122 Loading...

	static.charmfling.com/desktop/nanobar-1615024339.min.js	ScriptElement	1.3 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/nanobar-1615024339.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen706 Hash 53782f1dc58491d6f9558df034b2c176 c8f5ee6c2a25b2fc46f1ad93d6d640651cabdb87 1631e604d1db7ff80f4e9262784cf76c734bc6df2004361c7c28af6d990fd1d3 Loading...

	static.charmfling.com/desktop/Notify-ee072f6f5c.min.js	ScriptElement	3.4 kB	2023-08-11	2025-07-02
Pretty URL static.charmfling.com/desktop/Notify-ee072f6f5c.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-11 09:42 Last Seen2025-07-02 03:49 Times Seen597 Hash add7b0613122557ee38c9401720e28e3 1bc25e0ea800cd48eca4949198cd4f0914c04683 46994a14c57cee6119c730986e3076ef24388aeeb92ca149be1039d007410435 Loading...

	static.charmfling.com/desktop/avatarPreload-f9c50aa97e.min.js	ScriptElement	1.4 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/avatarPreload-f9c50aa97e.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen644 Hash 906311a5157723865ac874700e213db5 3bda51557bbbaf89c2be36558452a0f24544660f 2ca8171fce0428b8019c6d16ff55f0d5badd4805dd068d723dd2b3aaaa26518f Loading...

	static.charmfling.com/desktop/_app-b6e2808232.min.js?ver=charmfling.com	ScriptElement	9.7 kB	2024-12-20	2025-07-02
Pretty URL static.charmfling.com/desktop/_app-b6e2808232.min.js?ver=charmfling.com IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-20 01:20 Last Seen2025-07-02 03:49 Times Seen263 Hash e4ccf5dfc268042ad792e5d5e5e7795a 6958d97f4905a201e85a1236b82a679ca8a8a41e 83837275b472aafc0fda46e4baf72145f4c19f94f54e9a6e506c151f91b11ab3 Loading...

	static.charmfling.com/desktop/naClick-a28ed6e7e2.min.js	ScriptElement	469 B	2023-05-31	2025-07-02
Pretty URL static.charmfling.com/desktop/naClick-a28ed6e7e2.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 14:18 Last Seen2025-07-02 03:49 Times Seen663 Hash a952b0752ef956311782c09d28612280 7d964ac1b8d990610f386fe4e2ec55f24f66f9ca 0dc84e6bda37978a920b56262261bbea1cc46673365f14d64835362bb6a87163 Loading...

	charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050	ScriptElement	1.0 kB	2024-12-19	2025-07-02
Pretty URL charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 IP 185.106.140.114 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-19 10:22 Last Seen2025-07-02 03:49 Times Seen271 Hash 711b290c5a2323f8bb3bcd0955377093 8e8d49ee9cd0c08f49960f192d800e6687ba39e8 ceacf9143bcc98c766f607c4c8c5755673128644f4da2c48e8e7cb2b171062bf Loading...

	static.charmfling.com/desktop/z-74b4e24a8e.min.js	ScriptElement	24 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/z-74b4e24a8e.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen707 Hash 9d8213e55d851eca7262ce8119703d69 944ae82ad4ea414a0f76cc98f7890f8039ec8b4c 6038ff112fa9b0e6470547a6c91e635a78ce52bdbe9f064010f80635bce05f8b Loading...

	static.charmfling.com/desktop/css-cce62e17fb.min.js	ScriptElement	1.5 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/css-cce62e17fb.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen637 Hash 0fe0e6762dc2036afcd0609e2e886d74 ea27dac223d8eef9fc309ca02b7963668592c83c b8255485f9a2e53cf2a1202201ef85149525c7bdc941917c9f2c1f81a1e4bfdb Loading...

	static.charmfling.com/desktop/nouislider-5aeb2d5cdd.min.js	ScriptElement	17 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/nouislider-5aeb2d5cdd.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen637 Hash f61ca01c5bc73b7d73c74e849bddf060 c0d5ec9d5196fbe96ccac12a3473b4f7467172e6 7226e90908aaea97eb2c058b1ee9b632f76ca1358b4f39a4ba47fbef196e9da4 Loading...

	static.charmfling.com/desktop/cookie-6ceda5d033.min.js	ScriptElement	736 B	2023-09-23	2025-06-22
Pretty URL static.charmfling.com/desktop/cookie-6ceda5d033.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 18:07 Last Seen2025-06-22 04:08 Times Seen645 Hash e6d6ec0c1cbf86ad20daccb867ff70ce 9b802cb0dec27ecbb69410c1cfeb2feb4b52d346 5b8fe6985c06895b088273849bff4bc63b8349bfe5d3bf3c3fbdcd7f34082576 Loading...

	static.charmfling.com/desktop/autocomplete-d366183edb.min.js	ScriptElement	4.9 kB	2023-03-07	2025-07-02
Pretty URL static.charmfling.com/desktop/autocomplete-d366183edb.min.js IP 104.21.51.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen637 Hash 35fd260dc10192d2c83de51cdde902d9 6d1337013591b6d6dc8036bfcd306425ec4eab2b a2a985d934f947522781f9beb40707da1a620aad0d733bffefb97f9e1cae7ce8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 645460b36a66162ea004cab0656cf4ce	114 B	2023-03-07 13:58	2025-07-02 03:49
Pretty Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen609 Hash 645460b36a66162ea004cab0656cf4ce 75297ea4aba3a46f38844a0e1adaf986ae36fe6d b760dca0ce849d2b81c8de8935d0fece56ad8c35d09fc39573672abbcc036d91 Loading...

	#2 Eval - 72f865a0cfb2e3a39061488032035319	1.4 kB	2023-03-07 13:58	2025-02-26 21:57
Pretty Observations First Seen2023-03-07 13:58 Last Seen2025-02-26 21:57 Times Seen491 Hash 72f865a0cfb2e3a39061488032035319 3fd5d84fb415ae953a9615b763ece7e4e7d3ada1 01057800577b25b72acbb87a246fbf065cf341771629a86f12521497f1e734f8 Loading...

	#3 Eval - b42ff479a414954b8dde381588ff65c0	147 B	2023-03-07 13:58	2025-07-02 03:49
Pretty Observations First Seen2023-03-07 13:58 Last Seen2025-07-02 03:49 Times Seen608 Hash b42ff479a414954b8dde381588ff65c0 e6109875f012ad5d4faf473a486572beba9e016f 7733e4b2704bc94c141c62358ab0e47ccf7863e17e72f0be922febbb0064493c Loading...

	#4 Eval - e6ceaa879c5b601e27b88da4096ab77c	171 B	2023-03-10 01:00	2025-01-19 06:29
Pretty Observations First Seen2023-03-10 01:00 Last Seen2025-01-19 06:29 Times Seen5 Hash e6ceaa879c5b601e27b88da4096ab77c db08e01d5c4478af2bd1d110b6a105a9e0096835 33481424cec44d31bafd25fc7ffa1a02336df0a3672e807e15f6a121de99ebe7 Loading...

HTTP Transactions (86)

	URL	IP	Response	Size
	cdgaeja.mypersnaloffer.com/favicon.ico	5.104.107.248	404 Not Found	840 B
URL cdgaeja.mypersnaloffer.com/favicon.ico IP 5.104.107.248:0 ASN #24961 myLoc managed IT AG File type gzip compressed data, from Unix Size 840 B (840 bytes) Hash 39ca90fc9afa49c3274dadced0045190 eb496e3131732e9436e76d599e96e00cd45a9c30 6812404ffbf1596fb8c54f995573c83d9061c97f669d3c3c1f2b10bb5f9e0298 HTTP Headers GET /favicon.ico HTTP/1.1 Host: cdgaeja.mypersnaloffer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdgaeja.mypersnaloffer.com/c/370bb16a399ca?subsource=naughtysis1 Cookie: s=ouW0j1wjFYw0uzl5LQb%2FmGROH8QVJ7Oc2d1Xjg4n3VJ0SfYHUUZMcvhlOCLUeQnreJLTyOwbA668Hgnya4bIVyB%2BdvaHHptb%2FQ%2B4byxjF2VD32sbdYpzC4mPW5iD9%2BSuaKIoUiWeduMY32k2i8r1s9QeOszCiF2qLfLF37lm%2F40%2B%2Be3x1%2BOn0%2B1VuFah73v3xrB6xS9aZfVHFjx%2FEcMmLvFHnLXm8PANK3eXBDBxYFb7h3suCDauXz%2FENSfpY7bhevtqBbCLkvkc5PtXqTTa2JEnbqPda8qwereOLK%2BrrJl%2FOBATJtyWFnRUQWVLkwjWO6MPJT0nTQp0DvGvXoG9bTR6k%2BInLpSRlkLapXosXUVWMuCvexX4dnLFRtgvuDmcXw7Atb5VyPdRvXPxYXJNvNe9XdFJwicyGqqe2aaoJrp02xM9RRBlLqE%2FdSFWOzW%2FN27BvfRh3oZJ6ua9Yg5%2FgH0XDifD0RwD6%2FWF4rLUmhG8ijO7OJA9EKBQ3Aks676kFPepnG8m19hG4VqKx2u5PG1UasS6ZNZgsdAaU2l2vh8uOgoLbO55fUqTuIsJRwOixthYleS8GO9BZf6U934i9CmHygC4yUPx%2FCPINKPv%2F%2FoYJyaCSP1u7VOdnXZVdo%2FMOERkbc%2Bs8RdG9GZrEgNuuXLLBRcpijhm7myK%2BmLGhZdazzKKc%2FtaptQVTf8UbsmAocLKX0BL9PWYCI7%2BJqYa3IYwvPRYhHSM29OtOeHo5Wrh9P18OZ8RCl5mflkjRLxz9tickU%2Bk41XOiR94iSYESoUyEZnhoH1b5%2BS7Vqkym5Av23M1TPm4fB4UOMaBpJLLemtR3SKUKz9bXQBip3nfws%2FRaKVWVHHZysb%2FyX9WGqWXhJtv1L5ppLdpf%2BcqhKXKLT3qX5%2FUZ5tKbjma%2BBddgyEmyb65HBlYlvnDQg2QB4ifPSQNfqS%2FLPtkC9EDQtnuAsib%2FVP6QfzlNToMH8%2FNY7CTHgRc6kWo9Tmf1BJTgoCf7Uc2Aa%2Bgx4LRAg6NeXByu8bisigXnyoUb3OGEz3Po6KHqf8SjkUhxbnbu6nCg%2FQX3d%2B7%2FXfKWzNI1WMoZ315kctvyiFiE312CNdo40PAaAYo8sAE7qMsvuMVz8omRDfa0BQxzCfcyWq5il4X8qPhrRkomXOCZeCVVPKupCSJGA8TIsVLZkR6TanR53ETMmKGHM7AgRHiGK7oy3BSujdFCjPvKC9wzjiibEy2TNL9X10GBREFzuQi3A1V6LNBcwRNJUwsEKXTsANdoaSQ8YPWQbSVvkLwbDF2sm2PxcfoSQQ7tm0LDoHVWObP5CRt%2BFoLcBQP6t7d2ZCMnFvepSyodeEWFqNWO7RxdlDEQZaR423niwFqw7wfagQs%2FcvZM1T6BSPF5yO5j1O92GAw6fh5EjscxVhos4ivJFtaDJzbCgJFmkkZDfV6toJbjT2pNWb78Tsv%2Fx%2Fz%2BRLFg0wxahhMuPi24JgQtZJdHcgYsf7miIJa2d5UllomrQjdb0qb5v%2BJJVvAAMmih%2FzsYZ9GU%2FGi24fwHuDSKADx7WCxZlJAfHog4DtGX%2BD5%2FM5H8FwUcVrvtxmuZEMLhO09RrZ7obsz14tUm1ZR4zVHOmalWraBN548tNLsEZM097kLYDM%2BodcGNaXOg8J11W0HGG4OFKZTHwdmwlQu5LhRg9pp3S7kg5xgJ92aNWRgyokNiBZbi%2F%2BF%2B2AwCrMZyv5Ht7GUNo%2Br8LglfDR0xDkKcejy02fs9kKRfRKLhUa6OuRlSJaZxYJI2G0S%2FilvMLabJQT3cM9yAc8ulbGvsrKGmXTY5dDw2FI%2BG7alLlXRKrt3Zm6S0mxaw9q6b6aT6A0Jrdylg4Z0IoCp0o0odANrCS7Q22Q%2B28VB%2FKLRVlfjYbrXnEDAY1F9VRsMhdiMscJE9IHNEzyHPD9NvTzU4zwk3ipB%2FBcQ1EiPM2dNvAkkRaFlorNTACbHm8F9RnxLBTbX9PCUU3RQbzTKGTt68OgVZPrr Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 404 Not Found server: openresty date: Sun, 19 Jan 2025 06:28:35 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding, Accept cache-control: no-cache, private content-encoding: gzip X-Firefox-Spdy: h2`

	GET overdates.com/imofake?uid=831400050	23.111.80.246	200 OK	21 B
URL GET overdates.com/imofake?uid=831400050 IP 23.111.80.246:0 ASN #7979 SERVERS-COM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectoverdates.com Fingerprint8C:B8:ED:F9:6C:89:76:EA:EB:2F:59:3A:0F:29:CF:0F:AE:08:28:95 ValidityWed, 01 Jan 2025 11:05:26 GMT - Tue, 01 Apr 2025 11:05:25 GMT File type very short file (no magic) Size 21 B (21 bytes) Hash c4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b HTTP Headers `GET /imofake?uid=831400050 HTTP/1.1 Host: overdates.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: nginx Date: Sun, 19 Jan 2025 06:28:36 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Accept-CH: Sec-CH-DPR,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64,Sec-CH-Viewport-Height,Sec-CH-Viewport-Width,Sec-CH-Width,Content-DPR,Device-Memory,DPR,Viewport-Width,Width permissions-policy: ch-ua=(self "https://api.icalendars.app"), ch-ua-mobile=(self "https://api.icalendars.app"), ch-ua-platform=(self "https://api.icalendars.app"), ch-ua-platform-version=(self "https://api.icalendars.app"), ch-ua-full-version=(self "https://api.icalendars.app"), ch-ua-full-version-list=(self "https://api.icalendars.app"), ch-ua-model=(self "https://api.icalendars.app"), ch-ua-arch=(self "https://api.icalendars.app"), ch-ua-bitness=(self "https://api.icalendars.app"), ch-ua-wow64=(self "https://api.icalendars.app") Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: PHPSESSID=913c510e0efbb51beabbed3e59d5afbe; path=/; domain=.overdates.com; secure; HttpOnly AD_ID=92664698f3fc5c0be0c655ac5e8edf26; path=/; samesite=none; domain=.overdates.com; secure Content-Encoding: gzip

	GET datetrackservice.com/imomk?uid=831400050	23.111.80.246	200 OK	21 B
URL GET datetrackservice.com/imomk?uid=831400050 IP 23.111.80.246:0 ASN #7979 SERVERS-COM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectdatetrackservice.com Fingerprint41:9E:52:22:25:F3:8F:74:7D:9D:05:21:03:C4:3A:85:44:2A:1E:FA ValidityWed, 01 Jan 2025 11:04:51 GMT - Tue, 01 Apr 2025 11:04:50 GMT File type very short file (no magic) Size 21 B (21 bytes) Hash c4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b HTTP Headers `GET /imomk?uid=831400050 HTTP/1.1 Host: datetrackservice.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: nginx Date: Sun, 19 Jan 2025 06:28:36 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Accept-CH: Sec-CH-DPR,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64,Sec-CH-Viewport-Height,Sec-CH-Viewport-Width,Sec-CH-Width,Content-DPR,Device-Memory,DPR,Viewport-Width,Width permissions-policy: ch-ua=(self "https://api.icalendars.app"), ch-ua-mobile=(self "https://api.icalendars.app"), ch-ua-platform=(self "https://api.icalendars.app"), ch-ua-platform-version=(self "https://api.icalendars.app"), ch-ua-full-version=(self "https://api.icalendars.app"), ch-ua-full-version-list=(self "https://api.icalendars.app"), ch-ua-model=(self "https://api.icalendars.app"), ch-ua-arch=(self "https://api.icalendars.app"), ch-ua-bitness=(self "https://api.icalendars.app"), ch-ua-wow64=(self "https://api.icalendars.app") Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: PHPSESSID=e0a64da55a2937a8c4a0f581690c757a; path=/; domain=.datetrackservice.com; secure; HttpOnly AD_ID=92664698f3fc5c0be0c655ac5e8edf26; expires=Wed, 17-Jan-2035 06:28:36 GMT; Max-Age=315360000; path=/; samesite=none; domain=.datetrackservice.com; secure Content-Encoding: gzip

	GET static.charmfling.com/desktop/_app-b6e2808232.min.js?ver=charmfling.com	104.21.51.197	200 OK	3.9 kB
URL GET HTTP/2 static.charmfling.com/desktop/_app-b6e2808232.min.js?ver=charmfling.com IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type gzip compressed data, from Unix Size 3.9 kB (3851 bytes) Hash 011dd304929b78dfcea283c546147eb1 1fa3052dec65d62faa72a9f4390cd50d23026f72 450d1e166c3a1a46e8f9f3727891ea9ae50b204ba094eb73610a3fe4cb98c915 HTTP Headers GET /desktop/_app-b6e2808232.min.js?ver=charmfling.com HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:36 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:17 GMT vary: Accept-Encoding etag: W/"6788e8a1-2602" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240066 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pID2AqqwaMdDnL6%2F9XI2oV7PmiI1JJ2QXZtlXNWI%2BCAH9VrBHmqjoYyFoBj4VWnN1D%2FgCmMC06WEmVsiQT8xS3tm98Pwd3OBDL3ArMmWYFQpDGsFMoR5%2F19tcWfphc0pDJey8eqhgGU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c401ed427131-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1377&min_rtt=436&rtt_var=1143&sent=54&recv=20&lost=0&retrans=0&sent_bytes=59484&recv_bytes=2221&delivery_rate=15708086&cwnd=252&unsent_bytes=0&cid=9bb8ad234c02ed46&ts=153&x=0" X-Firefox-Spdy: h2

	GET m.charmfling.com/entry?param=1&hash=a45371cfd4390642da79196e8e89a8fe&p=40350&adwpl=89626&cid=678c9b935f5bebd399b7c903&camp=6630e85dd29e0500013b25f7	185.106.140.114	301 Moved Permanently	42 kB
URL User Request GET HTTP/2 m.charmfling.com/entry?param=1&hash=a45371cfd4390642da79196e8e89a8fe&p=40350&adwpl=89626&cid=678c9b935f5bebd399b7c903&camp=6630e85dd29e0500013b25f7 IP 185.106.140.114:443 ASN #7979 SERVERS-COM Certificate IssuerGoogle Trust Services Subjectcharmfling.com FingerprintB0:E2:1C:6E:2B:80:00:D5:55:E3:1C:FB:DD:00:7D:7D:5B:80:CC:B9 ValidityMon, 02 Dec 2024 09:29:18 GMT - Sun, 02 Mar 2025 09:29:17 GMT File type gzip compressed data, from Unix Size 42 kB (42181 bytes) Hash 150b20e22a8e669b1b53155c6592331f b2851a8becec00c05ab5132600058618ee710f1d 4fcb0e589b876f81d522310b104123f6f9f7d30763917111e6c3069f5e20c869 HTTP Headers GET /entry?param=1&hash=a45371cfd4390642da79196e8e89a8fe&p=40350&adwpl=89626&cid=678c9b935f5bebd399b7c903&camp=6630e85dd29e0500013b25f7 HTTP/1.1 Host: m.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://cdgaeja.mypersnaloffer.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 301 Moved Permanently date: Sun, 19 Jan 2025 06:28:36 GMT content-type: text/html; charset=UTF-8 location: https://charmfling.com/entry?param=1&hash=a45371cfd4390642da79196e8e89a8fe&p=40350&adwpl=89626&cid=678c9b935f5bebd399b7c903&camp=6630e85dd29e0500013b25f7 accept-ch: Sec-CH-DPR,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64,Sec-CH-Viewport-Height,Sec-CH-Viewport-Width,Sec-CH-Width,Content-DPR,Device-Memory,DPR,Viewport-Width,Width permissions-policy: ch-ua=(self "https://api.icalendars.app"), ch-ua-mobile=(self "https://api.icalendars.app"), ch-ua-platform=(self "https://api.icalendars.app"), ch-ua-platform-version=(self "https://api.icalendars.app"), ch-ua-full-version=(self "https://api.icalendars.app"), ch-ua-full-version-list=(self "https://api.icalendars.app"), ch-ua-model=(self "https://api.icalendars.app"), ch-ua-arch=(self "https://api.icalendars.app"), ch-ua-bitness=(self "https://api.icalendars.app"), ch-ua-wow64=(self "https://api.icalendars.app") access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With x-frame-options: SAMEORIGIN strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2

	GET static.charmfling.com/desktop/images/loginpage/charmfling/big-logo.svg	104.21.51.197	200 OK	11 kB
URL GET HTTP/2 static.charmfling.com/desktop/images/loginpage/charmfling/big-logo.svg IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type gzip compressed data, from Unix Size 11 kB (10675 bytes) Hash fda29b28365492fd3aa89138641fc8e8 e78b18c9abb6241a56bb137e2c40ba4762d2b0ec 2034ba85de1b1d7b38121bf24707fad00de0d4605cb8041e8c4d6e728f12182d HTTP Headers GET /desktop/images/loginpage/charmfling/big-logo.svg HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:36 GMT content-type: image/svg+xml vary: Accept-Encoding, Accept-Encoding x-amz-replication-status: COMPLETED last-modified: Thu, 09 Feb 2023 11:36:41 GMT etag: W/"fa1e43560104e7a2250e3a4e19deb09c" x-amz-version-id: kGt9JPS0gXsP.Jv6qHHB3s9KltsqTuIz cache-control: max-age=315360000 expires: Thu, 31 Dec 2037 23:55:55 GMT access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains age: 240066 cf-cache-status: HIT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1junkh3eMMJM6O%2Bi557TMdYTISP3nuUQbXZhKqA%2BGr6HwXtTicj3%2FVmuthBrc7WNUAdQ2E650WF3xus0Fxmgd3n4KYUPseNC0HRKM6AGZ6%2ByA8TMrGhzphHZMYFqEN6XGI1YEoN15Y%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4019d187131-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1191&min_rtt=455&rtt_var=1201&sent=44&recv=16&lost=0&retrans=0&sent_bytes=49899&recv_bytes=2062&delivery_rate=15708086&cwnd=252&unsent_bytes=0&cid=9bb8ad234c02ed46&ts=93&x=0" X-Firefox-Spdy: h2

	GET static.charmfling.com/common/online_statuses/green_0.svg	104.21.51.197	200 OK	7.6 kB
URL GET HTTP/2 static.charmfling.com/common/online_statuses/green_0.svg IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type gzip compressed data, from Unix Size 7.6 kB (7625 bytes) Hash 604cd32d090cf2e45031dc3ad8571453 e73e61b39445406e054a7861e8d9848ffa4449dc dbbf99f7544bfd6b4478572eb6b75208befa2e3d5a6d31533ef4e5c1036afd9f HTTP Headers GET /common/online_statuses/green_0.svg HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:36 GMT content-type: image/svg+xml vary: Accept-Encoding, Accept-Encoding x-amz-replication-status: COMPLETED last-modified: Wed, 08 Jul 2020 14:14:11 GMT etag: W/"9489eaca66daf0060a9cdc8a600384fa" x-amz-version-id: ZG8ziq_eCeQU6_aONy1a4_qX8ObFDw5A cache-control: max-age=315360000 expires: Thu, 31 Dec 2037 23:55:55 GMT access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 170384 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RN5t0U%2BduaKlgOK6en%2BkT4r4v9v7dwRiJW%2B%2BwYrB1tvCrgkDVV0bgoEMomULFXJ940FQW26sC0tWSHndJUdpyeItYuQNwpHyHKmg6mzadNR9fZtreSIfhxBNXpUQm17VDYEVr4hrqk0%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4018d167131-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1277&min_rtt=455&rtt_var=1371&sent=41&recv=15&lost=0&retrans=0&sent_bytes=48215&recv_bytes=2062&delivery_rate=15708086&cwnd=252&unsent_bytes=0&cid=9bb8ad234c02ed46&ts=92&x=0" X-Firefox-Spdy: h2

	GET charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050	185.106.140.114	200 OK	30 kB
URL User Request GET HTTP/2 charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 IP 185.106.140.114:443 ASN #7979 SERVERS-COM Certificate IssuerGoogle Trust Services Subjectcharmfling.com FingerprintB0:E2:1C:6E:2B:80:00:D5:55:E3:1C:FB:DD:00:7D:7D:5B:80:CC:B9 ValidityMon, 02 Dec 2024 09:29:18 GMT - Sun, 02 Mar 2025 09:29:17 GMT File type gzip compressed data, from Unix Size 30 kB (29876 bytes) Hash b581dbaae2c673602d3e70d17b6224ba b11ba9e730c7297c90a339b39f9b9652a3f7fea1 4c1a2fd07baf6114a27ec4f92fcfcc0cb210f14eab446886f66f6aa9c1b2d25d HTTP Headers GET /?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 HTTP/1.1 Host: charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://cdgaeja.mypersnaloffer.com/ DNT: 1 Connection: keep-alive Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:36 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding accept-ch: Sec-CH-DPR,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64,Sec-CH-Viewport-Height,Sec-CH-Viewport-Width,Sec-CH-Width,Content-DPR,Device-Memory,DPR,Viewport-Width,Width permissions-policy: ch-ua=(self "https://api.icalendars.app"), ch-ua-mobile=(self "https://api.icalendars.app"), ch-ua-platform=(self "https://api.icalendars.app"), ch-ua-platform-version=(self "https://api.icalendars.app"), ch-ua-full-version=(self "https://api.icalendars.app"), ch-ua-full-version-list=(self "https://api.icalendars.app"), ch-ua-model=(self "https://api.icalendars.app"), ch-ua-arch=(self "https://api.icalendars.app"), ch-ua-bitness=(self "https://api.icalendars.app"), ch-ua-wow64=(self "https://api.icalendars.app") expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With x-frame-options: SAMEORIGIN content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2

	GET static.charmfling.com/desktop/images/fresh/close.png	104.21.51.197	200 OK	1.3 kB
URL GET HTTP/3 static.charmfling.com/desktop/images/fresh/close.png IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type PNG image data, 61 x 61, 8-bit/color RGBA, non-interlaced Size 1.3 kB (1252 bytes) Hash 0bca99bfe18275be4817931ecf559ab2 ec1fe252fcd9aed7917bd83a92c8d2a334796919 df1a196b2d03873c9df882a3dfe9f51c99dba1fea76f00bcba6c8de6600e2eb6 HTTP Headers GET /desktop/images/fresh/close.png HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://static.charmfling.com/desktop/app-061d07e1d2.min.css Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: image/png content-length: 1252 last-modified: Wed, 22 Jan 2020 12:49:42 GMT etag: "0bca99bfe18275be4817931ecf559ab2" x-amz-version-id: null cache-control: max-age=315360000 expires: Thu, 31 Dec 2037 23:55:55 GMT access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 accept-ranges: bytes priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fp%2Bpe4wwLtb0xVWY0TQ4PzKqKWdPk28diEHOjjzV7VOxchP%2FO0bPq62x1SahisFFDgOyR%2F36uTxDN496Uh8YzLh8%2FKb6QBB4oQYZa6O%2BWNB06CC%2FRAMwFeoIOuDCTMImss2H2djKIGc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 9044c4045b6f56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=12976&min_rtt=4992&rtt_var=6626&sent=26&recv=16&lost=0&retrans=0&sent_bytes=10943&recv_bytes=3630&delivery_rate=17392&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=430&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/require-e4dbe06ebb.min.js?ver=charmfling.com	104.21.51.197	200 OK	6.8 kB
URL GET HTTP/2 static.charmfling.com/desktop/require-e4dbe06ebb.min.js?ver=charmfling.com IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type gzip compressed data, from Unix Size 6.8 kB (6838 bytes) Hash a44310ab41940be3d25a281392f6a94f da940812b9e693d37c286869152c69dbbf048f82 e6e30f6df155f0d9a22ac318a754705067ab1f5e5697cb37b4d1380cff11f5fe HTTP Headers GET /desktop/require-e4dbe06ebb.min.js?ver=charmfling.com HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:36 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:50 GMT vary: Accept-Encoding etag: W/"6788e8c2-4481" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240066 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPFb7DQo%2F7awEhbP%2FyHwZI%2Frvacx7HdYxt4qBxMYEyjaOCJkNfQUIwBeBGdmKB0KMBwXTyfQx7neABSMTR%2BFIA7S6IjxYPr3Mwyq3CpOj5F6Q%2Fx0Ov%2Fue8LOM5Lwy42DqTHxPtX8wb8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4019d1a7131-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1212&min_rtt=436&rtt_var=943&sent=48&recv=17&lost=0&retrans=0&sent_bytes=52325&recv_bytes=2062&delivery_rate=15708086&cwnd=252&unsent_bytes=0&cid=9bb8ad234c02ed46&ts=96&x=0" X-Firefox-Spdy: h2

	GET overdates.com/imofake	23.111.80.246	200 OK	21 B
URL GET overdates.com/imofake IP 23.111.80.246:0 ASN #7979 SERVERS-COM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectoverdates.com Fingerprint8C:B8:ED:F9:6C:89:76:EA:EB:2F:59:3A:0F:29:CF:0F:AE:08:28:95 ValidityWed, 01 Jan 2025 11:05:26 GMT - Tue, 01 Apr 2025 11:05:25 GMT File type very short file (no magic) Size 21 B (21 bytes) Hash c4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b HTTP Headers `GET /imofake HTTP/1.1 Host: overdates.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://charmfling.com/ DNT: 1 Connection: keep-alive Cookie: AD_ID=92664698f3fc5c0be0c655ac5e8edf26 Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: nginx Date: Sun, 19 Jan 2025 06:28:37 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Accept-CH: Sec-CH-DPR,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64,Sec-CH-Viewport-Height,Sec-CH-Viewport-Width,Sec-CH-Width,Content-DPR,Device-Memory,DPR,Viewport-Width,Width permissions-policy: ch-ua=(self "https://api.icalendars.app"), ch-ua-mobile=(self "https://api.icalendars.app"), ch-ua-platform=(self "https://api.icalendars.app"), ch-ua-platform-version=(self "https://api.icalendars.app"), ch-ua-full-version=(self "https://api.icalendars.app"), ch-ua-full-version-list=(self "https://api.icalendars.app"), ch-ua-model=(self "https://api.icalendars.app"), ch-ua-arch=(self "https://api.icalendars.app"), ch-ua-bitness=(self "https://api.icalendars.app"), ch-ua-wow64=(self "https://api.icalendars.app") Set-Cookie: PHPSESSID=f17788d135bd739c87899af38a503cc4; path=/; domain=.overdates.com; secure; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip

	GET static.charmfling.com/desktop/images/settings_discovery.svg	104.21.51.197	200 OK	2.2 kB
URL GET HTTP/3 static.charmfling.com/desktop/images/settings_discovery.svg IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type gzip compressed data, from Unix Size 2.2 kB (2173 bytes) Hash 729832ef03c6a4bd2b5482f01bef5995 00d2ba80bc8cdf319add36a5e47e817b71cccce4 79bf82ccebfcb8eb79354f854da52df02c14ab9bbff3d7fee06d11971fb144c4 HTTP Headers GET /desktop/images/settings_discovery.svg HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://static.charmfling.com/desktop/app-061d07e1d2.min.css Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: image/svg+xml vary: Accept-Encoding, Accept-Encoding last-modified: Wed, 22 Jan 2020 12:50:36 GMT etag: W/"ce6b6c2ca20e57026ee4068eca794327" x-amz-version-id: null cache-control: max-age=315360000 expires: Thu, 31 Dec 2037 23:55:55 GMT access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHoDm%2F6PopKz1GOmAdXtw6p6Gi%2FATjE0xpmpMwIrq%2FI%2B8itK%2FR87m5X%2BemsBLajHWTHL6nuI%2BZRnux1hJJL3bwpUFAz1kTufXNwB8RvoPjHm6dqnxe1SvhLXeYrHlnEOdpjt%2F5oaOlQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4047b7d56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=11668&min_rtt=4992&rtt_var=6051&sent=33&recv=20&lost=0&retrans=0&sent_bytes=15749&recv_bytes=4963&delivery_rate=195659&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=447&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/images/fresh/notification_ic_act.svg	104.21.51.197	200 OK	331 B
URL GET HTTP/3 static.charmfling.com/desktop/images/fresh/notification_ic_act.svg IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type SVG Scalable Vector Graphics image Size 331 B (331 bytes) Hash 520078f818eaa7cd9171abf5934bf8d8 afc4f6020561bfdc75baab8d0da01d12888d0327 4b9b75dd6a3bb9217bb6148526f1859bc3e66d957f58921de0a7f7cef816afd4 HTTP Headers GET /desktop/images/fresh/notification_ic_act.svg HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://static.charmfling.com/desktop/app-061d07e1d2.min.css Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: image/svg+xml vary: Accept-Encoding, Accept-Encoding last-modified: Wed, 22 Jan 2020 12:49:42 GMT etag: W/"520078f818eaa7cd9171abf5934bf8d8" x-amz-version-id: null cache-control: max-age=315360000 expires: Thu, 31 Dec 2037 23:55:55 GMT access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 89147 priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGFOqfpyql11T4olmHKbSnwdQ7Lx%2B2VuB9TM7BfjgA9M%2B8fzzK4Lj7CtQO1YxHIgHKHG2jlJSthwDwq35cA4sRlhmVuXNooqzezCaShdpp%2FX%2BHjCU3NT9pr8Tqq%2FFOcrLAqm19d9de8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4044b6456ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=13349&min_rtt=4992&rtt_var=7841&sent=23&recv=13&lost=0&retrans=0&sent_bytes=9584&recv_bytes=2349&delivery_rate=117968&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=418&x=1", cfExtPri, cfHdrFlush;dur=0

	GET mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com	34.90.10.178	200 OK	34 kB
URL GET HTTP/2 mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type gzip compressed data, from Unix Size 34 kB (34547 bytes) Hash ccbfc4aafa1a3f2e7c58851fe5f15cab 10cacda0560248d4fbd901e235f5a236268e821f 94ce2b0e732d2b72b486c735d194bd0daf183d00adcc07c39617a342bee6ba34 HTTP Headers GET /tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: max-age=604800, public access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 604800 access-control-allow-headers: Content-Type, Authorization, X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET domdengo.com/js/jnk.js?user_id=831400050&pe=40350&sub_id=4358319617&domain=domdengo.com	34.90.10.178	200 OK	383 B
URL GET HTTP/2 domdengo.com/js/jnk.js?user_id=831400050&pe=40350&sub_id=4358319617&domain=domdengo.com IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectdomdengo.com Fingerprint07:C2:6A:20:65:AF:E7:3E:3A:BC:94:90:6B:BC:3A:9C:82:37:1B:1E ValiditySat, 07 Dec 2024 03:12:41 GMT - Fri, 07 Mar 2025 03:12:40 GMT File type JavaScript source, ASCII text, with very long lines (578), with no line terminators Size 383 B (383 bytes) Hash 91f725099f6253c8726efcac9c5d482d e3023d0abee23e492fa6df9d6272c4abcb25e740 e0b22430eff5acce86b0dfeeb929a555f577255018a0b5f35412a7737a109431 HTTP Headers `GET /js/jnk.js?user_id=831400050&pe=40350&sub_id=4358319617&domain=domdengo.com HTTP/1.1 Host: domdengo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Fri, 17 Jan 2025 18:23:31 GMT vary: Accept-Encoding etag: W/"678aa023-22e" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com	34.90.10.178	200 OK	34 kB
URL GET HTTP/2 mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type gzip compressed data, from Unix Size 34 kB (34311 bytes) Hash f912fb8e5f7423f3cc58585befa2cf03 1eadfd35d3dfa783565be56acdbf92142949bf2e 2c21d193e9efabab5d469e235b6488a41ee44088be5c5013122fe78670618a6e HTTP Headers GET /tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: max-age=604800, public access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 604800 access-control-allow-headers: Content-Type, Authorization, X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET node.phts.io:8083/?key=205ad24076c63351b20f82febd766f47&connectionId=itmlbq	172.255.233.92	200 OK	0 B
URL GET node.phts.io:8083/?key=205ad24076c63351b20f82febd766f47&connectionId=itmlbq IP 172.255.233.92:0 ASN #7979 SERVERS-COM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /?key=205ad24076c63351b20f82febd766f47&connectionId=itmlbq HTTP/1.1 Host: node.phts.io:8083 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: x-requested-with Referer: https://charmfling.com/ Origin: https://charmfling.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Cache-Control: no-cache Content-Type: application/json;charset=utf-8 Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: accept, x-requested-with, content-type, async-page Access-Control-Allow-Origin: https://charmfling.com Access-Control-Max-Age: 600 Date: Sun, 19 Jan 2025 06:28:38 GMT Connection: keep-alive Transfer-Encoding: chunked`

	GET p.phts.io/spdexp5y3agkgdno8w8wk8ggsggks48.r120x120.68f600d6052fd287fcec7ee1142e3f3e.jpg	104.26.5.67	200 OK	6.7 kB
URL GET HTTP/2 p.phts.io/spdexp5y3agkgdno8w8wk8ggsggks48.r120x120.68f600d6052fd287fcec7ee1142e3f3e.jpg IP 104.26.5.67:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerLet's Encrypt Subjectphts.io Fingerprint45:D2:7A:8F:30:A1:88:D6:E4:74:A9:32:3D:63:FE:26:82:A2:2F:5E ValidityFri, 10 Jan 2025 00:31:31 GMT - Thu, 10 Apr 2025 00:31:30 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x120, components 3 Size 6.7 kB (6743 bytes) Hash 135c3f019dc1b53ec30e9e5ae6766a95 a8dd9a1daa6b7cdbd41c2efd2be54e25e8f8ea62 4daf031b1ec3b6560302fe82293e8de3450261f998fb883a3320f11fcf61bfc6 HTTP Headers `GET /spdexp5y3agkgdno8w8wk8ggsggks48.r120x120.68f600d6052fd287fcec7ee1142e3f3e.jpg HTTP/1.1 Host: p.phts.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/jpeg content-length: 6743 cache-control: public, max-age=315360000 cf-bgj: imgq:100,h2pri cf-polished: status=not_needed expires: Thu, 31 Dec 2037 23:55:55 GMT strict-transport-security: max-age=15724800; includeSubDomains x-cache: HIT cf-cache-status: HIT age: 18987755 last-modified: Thu, 13 Jun 2024 12:06:03 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q%2Be6ftTGTRgp8xXCHV4eFTidcn8JkcGfx9p5QlPoYUWAXAKeXnbENWBqZeddiD5zTjCsojhKNMv6Yo835mpIfz8SsFGIqaQ%2B2D%2BEo4biv7ByiYDlWLtyzetB9g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 9044c40b2d99b50b-OSL server-timing: cfL4;desc="?proto=TCP&rtt=607&min_rtt=434&rtt_var=372&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1240&delivery_rate=5162210&cwnd=253&unsent_bytes=0&cid=ca2a959f4112628b&ts=44&x=0" X-Firefox-Spdy: h2

	GET charmfling.com/modal/mtdscollectemail	185.106.140.114	200 OK	143 kB
URL GET HTTP/2 charmfling.com/modal/mtdscollectemail IP 185.106.140.114:443 ASN #7979 SERVERS-COM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com FingerprintB0:E2:1C:6E:2B:80:00:D5:55:E3:1C:FB:DD:00:7D:7D:5B:80:CC:B9 ValidityMon, 02 Dec 2024 09:29:18 GMT - Sun, 02 Mar 2025 09:29:17 GMT File type gzip compressed data, from Unix Size 143 kB (142850 bytes) Hash 4bb3882d7499ddbc2e75a07c4061e104 b364b67bae0ac4a5583b0ac079a19f3bc96782b5 0ea0fd2565dde32c8e6115b24f54c4c0dd23be42f38581c796ca9e75b4850c44 HTTP Headers GET /modal/mtdscollectemail HTTP/1.1 Host: charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest DNT: 1 Connection: keep-alive Referer: https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; user_id=831400050; is_generated=0; product_id=4; receiver_id=768360077200930975; product_receiver_id=175931550; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/json; charset=utf-8 vary: Accept-Encoding accept-ch: Sec-CH-DPR,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64,Sec-CH-Viewport-Height,Sec-CH-Viewport-Width,Sec-CH-Width,Content-DPR,Device-Memory,DPR,Viewport-Width,Width permissions-policy: ch-ua=(self "https://api.icalendars.app"), ch-ua-mobile=(self "https://api.icalendars.app"), ch-ua-platform=(self "https://api.icalendars.app"), ch-ua-platform-version=(self "https://api.icalendars.app"), ch-ua-full-version=(self "https://api.icalendars.app"), ch-ua-full-version-list=(self "https://api.icalendars.app"), ch-ua-model=(self "https://api.icalendars.app"), ch-ua-arch=(self "https://api.icalendars.app"), ch-ua-bitness=(self "https://api.icalendars.app"), ch-ua-wow64=(self "https://api.icalendars.app") cache-control: no-store, no-cache, must-revalidate pragma: no-cache expires: -1 access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With x-frame-options: SAMEORIGIN content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2

	GET static.charmfling.com/desktop/naClick-a28ed6e7e2.min.js	104.21.51.197	200 OK	23 kB
URL GET HTTP/3 static.charmfling.com/desktop/naClick-a28ed6e7e2.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type gzip compressed data, from Unix Size 23 kB (23015 bytes) Hash dbea7900bc422215a0c2d6fc8ecc6f00 d10fe1ce143cd3d45d161f25afbd4cc0355a981c 92f2b5f662cbba15a567cbf21b642a8c7cc7df1ce35c789af319c042b8b863ee HTTP Headers GET /desktop/naClick-a28ed6e7e2.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:17 GMT vary: Accept-Encoding etag: W/"6788e8a1-1d5" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n5QaKIMJouR7ERyqJwVXAt5EJP2Sy2qqWhFme51PptAoz26rtypVRj6A1%2Bi4pqzGCOEqI14wjKK5PY4KF8VB%2FJmpcTkwAgc3XSkE2DrrbtBrcCipafd4gVe5ifixRSLfJpNg%2BAw1YJQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c40b8e6156ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=4253&min_rtt=1431&rtt_var=2644&sent=139&recv=74&lost=0&retrans=0&sent_bytes=90893&recv_bytes=27845&delivery_rate=298294&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1579&x=1", cfExtPri, cfHdrFlush;dur=0

	OPTIONS api.icalendars.app/api/v1/register	34.90.134.29	200 OK	7.8 kB
URL OPTIONS HTTP/2 api.icalendars.app/api/v1/register IP 34.90.134.29:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerZeroSSL Subjecticalendars.app Fingerprint4F:EF:53:D1:89:56:46:C9:D8:13:0C:2D:77:91:E2:AF:2A:0A:FA:A7 ValidityThu, 05 Dec 2024 00:00:00 GMT - Wed, 05 Mar 2025 23:59:59 GMT File type gzip compressed data, from Unix Size 7.8 kB (7752 bytes) Hash a824bcf541820c3e477dc1ddf9f3c135 58bbdf27605db23771ae881f716edb42a75c9f63 45c6d8d31df21783381b4db48fde74eaafa565ca6bb5013f8a07642b7f97d2d5 HTTP Headers POST /api/v1/register HTTP/1.1 Host: api.icalendars.app User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 521 Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/json vary: Accept-Encoding cache-control: no-cache, private access-control-allow-origin: * content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET images.mrlscr.com/2a58d73834a18bc0fa68a588a1a0b273.gif	104.21.14.47	200 OK	94 kB
URL GET HTTP/2 images.mrlscr.com/2a58d73834a18bc0fa68a588a1a0b273.gif IP 104.21.14.47:443 ASN #13335 CLOUDFLARENET Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com FingerprintBB:2B:9D:EF:E4:87:CD:E0:F4:AA:5D:78:75:A1:A1:11:68:6E:6E:D0 ValidityMon, 09 Dec 2024 04:57:40 GMT - Sun, 09 Mar 2025 04:57:39 GMT File type GIF image data, version 89a, 720 x 480 Size 94 kB (94190 bytes) Hash 2a58d73834a18bc0fa68a588a1a0b273 2b3890f86814b7a4d192dd39a758a8308c155bc9 0795cafea15cc1edd95f3975ffe2e9f86fcbdcb4dfd6c8880457475debe6dc03 HTTP Headers `GET /2a58d73834a18bc0fa68a588a1a0b273.gif HTTP/1.1 Host: images.mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/gif content-length: 94190 last-modified: Wed, 13 Dec 2023 16:48:45 GMT etag: "2a58d73834a18bc0fa68a588a1a0b273" x-amz-server-side-encryption: AES256 x-amz-version-id: XqEKbux3pAtRDLhAORyYpXsfEwZvQ1n1 x-cache: Miss from cloudfront via: 1.1 c26999728b9b80253ea8308df470deba.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P2 x-amz-cf-id: iqlPdxJYLRbmNuFPUIPuUysqiRkD1e9fDir0ZWn8ETj3zCbw1qxHsw== cache-control: max-age=14400 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxMm9rlacR%2FCDJhsy6xn13DVYs%2BwDHFJ%2BH7Qudw1%2FrPrVPwJ4nARV6Fh0xbwe4Fk3vt3YtvMghO8OT1xTsVU5b5FMCDiC5c6RdZg6BVVwIXWM6a%2BgN2rb2dIETqk08QxI9MPfA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 9044c40c5bcab4ee-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1779&min_rtt=556&rtt_var=1836&sent=33&recv=15&lost=0&retrans=1&sent_bytes=34423&recv_bytes=1365&delivery_rate=20539007&cwnd=237&unsent_bytes=0&cid=a075d56f257d9a50&ts=134&x=0" X-Firefox-Spdy: h2

	GET images.mrlscr.com/6b80ee14f35807d4a9bf919d4d0304e1.gif	104.21.14.47	200 OK	111 kB
URL GET HTTP/2 images.mrlscr.com/6b80ee14f35807d4a9bf919d4d0304e1.gif IP 104.21.14.47:443 ASN #13335 CLOUDFLARENET Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com FingerprintBB:2B:9D:EF:E4:87:CD:E0:F4:AA:5D:78:75:A1:A1:11:68:6E:6E:D0 ValidityMon, 09 Dec 2024 04:57:40 GMT - Sun, 09 Mar 2025 04:57:39 GMT File type GIF image data, version 89a, 160 x 600 Size 111 kB (111282 bytes) Hash 6b80ee14f35807d4a9bf919d4d0304e1 d1a7a88062029cc275b8a519f2a7e60cbff00dca 2876a8ae9d0c44776d0124015c7c4ac8aab31016e3d4e23fef428281111b7f2c HTTP Headers `GET /6b80ee14f35807d4a9bf919d4d0304e1.gif HTTP/1.1 Host: images.mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/gif content-length: 111282 last-modified: Wed, 13 Dec 2023 17:22:26 GMT etag: "6b80ee14f35807d4a9bf919d4d0304e1" x-amz-server-side-encryption: AES256 x-amz-version-id: pnjC0PPDIcMouINSZQEeYBqCEOdNwEJB x-cache: Miss from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: PxZ4AHJeArdD3Yr9DRNBlX2tnRKPGHJZ52YGlq4cA0ALTIHAgvTjqg== cache-control: max-age=14400 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A1i1wJwqeIfM%2FQLjgbe3E81jjU%2FqY%2BdMQlboUUxz9UaqjsydNq79dwyaCg8zuWVAdcXeyNIDClpgzn30dNe77DtGo%2B4LgIE4bVaIoEgByDL%2F9SUJTBw5dzU%2BjFFbBca02goEmQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 9044c40c6bd4b4ee-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1614&min_rtt=556&rtt_var=1301&sent=105&recv=57&lost=0&retrans=2&sent_bytes=130105&recv_bytes=1365&delivery_rate=1002422&cwnd=237&unsent_bytes=0&cid=a075d56f257d9a50&ts=149&x=0" X-Firefox-Spdy: h2

	GET mrlscr.com/bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjE1NzAsImlzY2xlYW4iOjB9&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0	34.90.10.178	200 OK	11 kB
URL GET HTTP/2 mrlscr.com/bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjE1NzAsImlzY2xlYW4iOjB9&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0 IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type gzip compressed data, from Unix Size 11 kB (11140 bytes) Hash 717a149e8fc47f3bf3e849ef28a15c26 781e1b6de097438204275b559a2ff06ba8eb0936 f2195d5e32c4ba0a54b40c2e868d73d71d44dd6969d2eb7dbad69622528edb80 HTTP Headers GET /bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjE1NzAsImlzY2xlYW4iOjB9&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0 HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com pragma: no-cache cache-control: no-cache cache: reload credentials: include DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 86400 access-control-allow-headers: Content-Type, Authorization, X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET mrlscr.com/utp/095c6af67bbefd9ee388791765dd62726aa922b59beccd5efc05dab0381dd3d1	34.90.10.178	200 OK	4.2 kB
URL GET HTTP/2 mrlscr.com/utp/095c6af67bbefd9ee388791765dd62726aa922b59beccd5efc05dab0381dd3d1 IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type data Size 4.2 kB (4230 bytes) Hash dd4cd333755151cac05270fe542d88c8 63876cec33beefd45533464d5c25c6bd566272e7 f0e67d02549532394db6a1908db8f4f54c5a4486f9a534f9b6ccdeeed64d94f7 HTTP Headers GET /utp/095c6af67bbefd9ee388791765dd62726aa922b59beccd5efc05dab0381dd3d1 HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Cookie: dia=92664698f3fc5c0be0c655ac5e8edf26; hasTP=e30= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/jpeg cache-control: no-cache, private access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 86400 access-control-allow-headers: Content-Type, Authorization, X-Requested-With strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET s.magsrv.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881	95.211.229.245	200 OK	20 B
URL GET HTTP/1.1 s.magsrv.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 IP 95.211.229.245:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerLet's Encrypt Subjectmagsrv.com Fingerprint8F:C6:18:04:35:A3:0E:73:B0:5F:1A:D9:5A:53:22:70:D9:08:FF:34 ValidityWed, 13 Nov 2024 09:40:09 GMT - Tue, 11 Feb 2025 09:40:08 GMT File type gzip compressed data, max speed, from Unix Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 HTTP/1.1 Host: s.magsrv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Sun, 19 Jan 2025 06:28:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A128512%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-19%22%3B%7D%7D; expires=Mon, 19 Jan 2026 06:28:48 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip`

	GET static.charmfling.com/desktop/adFramesHandler-7da1db1d69.min.js	104.21.51.197	200 OK	392 B
URL GET HTTP/3 static.charmfling.com/desktop/adFramesHandler-7da1db1d69.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (510) Size 392 B (392 bytes) Hash f644e1114e4fbbd2e1b0abb300a1ab37 c64de86540d40b98a580527ed6f2eacee3e9972b 58208bc839e7ec257e621cb1310edcb24167107048241c7b910a0dc94859a938 HTTP Headers GET /desktop/adFramesHandler-7da1db1d69.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:50 GMT vary: Accept-Encoding etag: W/"6788e8c2-23a" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tNjCPc0gsQpRIKFJvKJ5KvKtxDc1HhsX3XWAjuhSuX2%2B1IhbgpC3Y3436gq2NqYYqbcdUQhF%2BBvJEDwPMs0O6AR1b2VCtC%2B0CoXCPUKNWSs8D8hXVGujQfnAHhEd3kTvFiARTeKutyU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c40b8e6056ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=4253&min_rtt=1431&rtt_var=2644&sent=137&recv=74&lost=0&retrans=0&sent_bytes=89558&recv_bytes=27845&delivery_rate=298294&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1578&x=1", cfExtPri, cfHdrFlush;dur=0

	GET s.orbsrv.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881	95.211.229.247	200 OK	20 B
URL GET HTTP/1.1 s.orbsrv.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 IP 95.211.229.247:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerLet's Encrypt Subjectorbsrv.com Fingerprint68:D2:78:5A:A1:F3:43:0A:C2:31:B0:78:03:77:AF:FA:CE:91:CC:50 ValidityWed, 13 Nov 2024 09:45:27 GMT - Tue, 11 Feb 2025 09:45:26 GMT File type gzip compressed data, max speed, from Unix Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 HTTP/1.1 Host: s.orbsrv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Sun, 19 Jan 2025 06:28:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A128512%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-19%22%3B%7D%7D; expires=Mon, 19 Jan 2026 06:28:48 GMT; path=/; domain=.orbsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip`

	GET s.pemsrv.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881	95.211.229.247	200 OK	20 B
URL GET HTTP/1.1 s.pemsrv.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 IP 95.211.229.247:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerLet's Encrypt Subjectpemsrv.com Fingerprint9F:B6:F2:EF:86:6F:5B:54:80:7C:EA:C6:ED:8A:A7:B6:F5:8B:A3:CD ValidityWed, 13 Nov 2024 09:45:53 GMT - Tue, 11 Feb 2025 09:45:52 GMT File type gzip compressed data, max speed, from Unix Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 HTTP/1.1 Host: s.pemsrv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Sun, 19 Jan 2025 06:28:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A128512%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-19%22%3B%7D%7D; expires=Mon, 19 Jan 2026 06:28:48 GMT; path=/; domain=.pemsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip`

	GET charmfling.com/entry?param=1&hash=a45371cfd4390642da79196e8e89a8fe&p=40350&adwpl=89626&cid=678c9b935f5bebd399b7c903&camp=6630e85dd29e0500013b25f7	185.106.140.114	302 Found	43 kB
URL User Request GET HTTP/2 charmfling.com/entry?param=1&hash=a45371cfd4390642da79196e8e89a8fe&p=40350&adwpl=89626&cid=678c9b935f5bebd399b7c903&camp=6630e85dd29e0500013b25f7 IP 185.106.140.114:443 ASN #7979 SERVERS-COM Certificate IssuerGoogle Trust Services Subjectcharmfling.com FingerprintB0:E2:1C:6E:2B:80:00:D5:55:E3:1C:FB:DD:00:7D:7D:5B:80:CC:B9 ValidityMon, 02 Dec 2024 09:29:18 GMT - Sun, 02 Mar 2025 09:29:17 GMT File type gzip compressed data, from Unix Size 43 kB (43229 bytes) Hash 45a20123e25df9ca3c5c320b0eacd258 79feabc7befcf15b13013ceec1ad088dcfcdd560 430914b6b952cd1f57a6ee6feea50417a83f9107fa0463d23d2cd30e3c366648 HTTP Headers GET /entry?param=1&hash=a45371cfd4390642da79196e8e89a8fe&p=40350&adwpl=89626&cid=678c9b935f5bebd399b7c903&camp=6630e85dd29e0500013b25f7 HTTP/1.1 Host: charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://cdgaeja.mypersnaloffer.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 302 Found date: Sun, 19 Jan 2025 06:28:36 GMT content-type: text/html; charset=UTF-8 accept-ch: Sec-CH-DPR,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64,Sec-CH-Viewport-Height,Sec-CH-Viewport-Width,Sec-CH-Width,Content-DPR,Device-Memory,DPR,Viewport-Width,Width permissions-policy: ch-ua=(self "https://api.icalendars.app"), ch-ua-mobile=(self "https://api.icalendars.app"), ch-ua-platform=(self "https://api.icalendars.app"), ch-ua-platform-version=(self "https://api.icalendars.app"), ch-ua-full-version=(self "https://api.icalendars.app"), ch-ua-full-version-list=(self "https://api.icalendars.app"), ch-ua-model=(self "https://api.icalendars.app"), ch-ua-arch=(self "https://api.icalendars.app"), ch-ua-bitness=(self "https://api.icalendars.app"), ch-ua-wow64=(self "https://api.icalendars.app") expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; path=/; domain=.charmfling.com; secure adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; expires=Tue, 18-Feb-2025 06:28:36 GMT; Max-Age=2592000; path=/; domain=.charmfling.com p_param=1; expires=Wed, 14-Jan-2026 06:28:36 GMT; Max-Age=31104000; path=/; domain=.charmfling.com p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; expires=Wed, 14-Jan-2026 06:28:36 GMT; Max-Age=31104000; path=/; domain=.charmfling.com partner_id=40350; expires=Sun, 19-Jan-2025 07:28:36 GMT; Max-Age=3600; path=/; domain=.charmfling.com first-session=1; path=/; domain=.charmfling.com pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; expires=Mon, 19-Jan-2026 06:28:36 GMT; Max-Age=31536000; path=/; domain=.charmfling.com; HttpOnly auth_referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.charmfling.com just_tracked=1; expires=Sun, 19-Jan-2025 06:30:36 GMT; Max-Age=120; path=/; domain=.charmfling.com location: /?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With x-frame-options: SAMEORIGIN strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2

	GET s.zlinkp.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881	95.211.229.247	200 OK	20 B
URL GET HTTP/1.1 s.zlinkp.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 IP 95.211.229.247:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerLet's Encrypt Subjectzlinkp.com FingerprintDA:52:3B:DC:27:8B:BD:4A:5B:E6:56:2A:AD:D4:9F:54:BB:3C:11:9C ValiditySat, 21 Dec 2024 15:40:56 GMT - Fri, 21 Mar 2025 15:40:55 GMT File type gzip compressed data, max speed, from Unix Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 HTTP/1.1 Host: s.zlinkp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Sun, 19 Jan 2025 06:28:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A128512%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-19%22%3B%7D%7D; expires=Mon, 19 Jan 2026 06:28:48 GMT; path=/; domain=.zlinkp.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip`

	GET static.charmfling.com/desktop/css-cce62e17fb.min.js	104.21.51.197	200 OK	1.5 kB
URL GET HTTP/3 static.charmfling.com/desktop/css-cce62e17fb.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (1502), with no line terminators Size 1.5 kB (1473 bytes) Hash 1cb203c2a782ee74bfa413642ef1c9e3 9161482b08d90442b32eb562b9612000c4974086 c2e1adaa9d2c336682456d0cb743558caeeaa717b179eb541e977a50895c6563 HTTP Headers GET /desktop/css-cce62e17fb.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-5c1" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NGDOhyZua7gQeo7wL%2B%2BO1EnemZWtenbBThVYUL2ulxNKRvBbAv1S2jKAUdr9F7UjkRzVs7M%2Be1CfcrMPJt7koHApaQzPBS%2F4NQ0YakENr6hr%2B%2FvYCRNzNzSxCFvG458Di0ip0NaBqHM%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c409bd9856ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=6182&min_rtt=1431&rtt_var=4765&sent=102&recv=54&lost=0&retrans=0&sent_bytes=66501&recv_bytes=19620&delivery_rate=761034&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1289&x=1", cfExtPri, cfHdrFlush;dur=0

	GET mrlscr.com/bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjM1NiwiaXNjbGVhbiI6MH0%3D&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0	34.90.10.178	200 OK	1.9 kB
URL GET HTTP/2 mrlscr.com/bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjM1NiwiaXNjbGVhbiI6MH0%3D&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0 IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type HTML document, ASCII text, with very long lines (1965), with no line terminators Size 1.9 kB (1900 bytes) Hash e4b7250831d5859041871fa1a33155e6 668a48a70c15b29ab3a3bd189fdfbd84cc16d6b7 702936f146d9589f231af9e540c0d098eeece87a9ae064ff514c28702bd0a284 HTTP Headers GET /bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjM1NiwiaXNjbGVhbiI6MH0%3D&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0 HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com pragma: no-cache cache-control: no-cache cache: reload credentials: include DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 86400 access-control-allow-headers: Content-Type, Authorization, X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET charmfling.com/track/lb/image/	185.106.140.114	200 OK	42 B
URL GET HTTP/2 charmfling.com/track/lb/image/ IP 185.106.140.114:443 ASN #7979 SERVERS-COM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com FingerprintB0:E2:1C:6E:2B:80:00:D5:55:E3:1C:FB:DD:00:7D:7D:5B:80:CC:B9 ValidityMon, 02 Dec 2024 09:29:18 GMT - Sun, 02 Mar 2025 09:29:17 GMT File type GIF image data, version 89a, 1 x 1 Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /track/lb/image/ HTTP/1.1 Host: charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:36 GMT content-type: image/gif accept-ch: Sec-CH-DPR,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64,Sec-CH-Viewport-Height,Sec-CH-Viewport-Width,Sec-CH-Width,Content-DPR,Device-Memory,DPR,Viewport-Width,Width permissions-policy: ch-ua=(self "https://api.icalendars.app"), ch-ua-mobile=(self "https://api.icalendars.app"), ch-ua-platform=(self "https://api.icalendars.app"), ch-ua-platform-version=(self "https://api.icalendars.app"), ch-ua-full-version=(self "https://api.icalendars.app"), ch-ua-full-version-list=(self "https://api.icalendars.app"), ch-ua-model=(self "https://api.icalendars.app"), ch-ua-arch=(self "https://api.icalendars.app"), ch-ua-bitness=(self "https://api.icalendars.app"), ch-ua-wow64=(self "https://api.icalendars.app") cache-control: no-cache, no-store, must-revalidate pragma: no-cache expires: 0 access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With x-frame-options: SAMEORIGIN strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2

	GET syndication.realsrv.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881	95.211.229.245	200 OK	0 B
URL GET HTTP/1.1 syndication.realsrv.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 IP 95.211.229.245:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerLet's Encrypt Subjectrealsrv.com Fingerprint20:D3:7A:AB:E2:A0:C5:69:23:60:A6:55:75:00:EB:A5:74:18:D3:CD ValidityWed, 13 Nov 2024 09:47:57 GMT - Tue, 11 Feb 2025 09:47:56 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 HTTP/1.1 Host: syndication.realsrv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Sun, 19 Jan 2025 06:28:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A128512%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-19%22%3B%7D%7D; expires=Mon, 19 Jan 2026 06:28:48 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip`

	GET s.opoxv.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881	95.211.229.245	200 OK	0 B
URL GET HTTP/1.1 s.opoxv.com/tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 IP 95.211.229.245:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerLet's Encrypt Subjectopoxv.com FingerprintE3:B7:8C:DA:28:33:57:A9:AB:16:32:E1:01:54:51:DF:F6:0E:1C:66 ValidityWed, 13 Nov 2024 09:43:17 GMT - Tue, 11 Feb 2025 09:43:16 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tag.php?goal=4c102faffce809ce23170524aa1ae92c&stackUid=2038804881 HTTP/1.1 Host: s.opoxv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Sun, 19 Jan 2025 06:28:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A128512%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-19%22%3B%7D%7D; expires=Mon, 19 Jan 2026 06:28:48 GMT; path=/; domain=.opoxv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip`

	GET mrlscr.com/utp/a60a96d4d0e82cd013707388ac4d6267705dd5d2d5130fda432ef4f2adeae0c8	34.90.10.178	200 OK	134 B
URL GET HTTP/2 mrlscr.com/utp/a60a96d4d0e82cd013707388ac4d6267705dd5d2d5130fda432ef4f2adeae0c8 IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type ASCII text, with no line terminators Size 134 B (134 bytes) Hash c9d438e716435904bdc1630131a74705 d9f5fa649c0e466decb6586dda0a079d7127c88f 3fd2546c23893d4a5b9a095007977d0eed932c2765943d84805bf8bea767e106 HTTP Headers GET /utp/a60a96d4d0e82cd013707388ac4d6267705dd5d2d5130fda432ef4f2adeae0c8 HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Cookie: dia=92664698f3fc5c0be0c655ac5e8edf26; hasTP=eyJ0cmFmZmljSnVuayI6IjEiLCJjaGVhcFB1cmNoYXNlQnlQZSI6IjEifQ== Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/jpeg cache-control: no-cache, private access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 86400 access-control-allow-headers: Content-Type, Authorization, X-Requested-With strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET static.charmfling.com/desktop/DiscoveryFilters-c2db2accb3.min.js	104.21.51.197	200 OK	3.1 kB
URL GET HTTP/3 static.charmfling.com/desktop/DiscoveryFilters-c2db2accb3.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (3212), with no line terminators Size 3.1 kB (3110 bytes) Hash 30810c71beddc5be3d878263a4aaf4d2 f3ed02fdb91535ac4c2a05d8fb7168c847c2294f c2b93182a5fa9757906cf04056a1a3cbdbf25c65595dda6d458e8069ccb59189 HTTP Headers GET /desktop/DiscoveryFilters-c2db2accb3.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-c26" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uriS7iEbpPzoDDIbkfxuB6j%2FHIuvjNlrpHBwmj%2BtfrvHXbg29dCpT6P9LqCP%2BU%2BwWuqmdJLbaTCuRcgvKMgfe2vXSROWjaVtzj%2BvAn8eHYrozUVQDc3Hk2aPI5xa%2BnrJ2HtLpdZsXVU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c409ad9156ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=6846&min_rtt=1431&rtt_var=4584&sent=100&recv=53&lost=0&retrans=0&sent_bytes=64244&recv_bytes=19574&delivery_rate=208738&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1285&x=1", cfExtPri, cfHdrFlush;dur=0

	GET mrlscr.com/bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjM2MSwiaXNjbGVhbiI6MH0%3D&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0	34.90.10.178	200 OK	893 B
URL GET HTTP/2 mrlscr.com/bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjM2MSwiaXNjbGVhbiI6MH0%3D&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0 IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type HTML document, ASCII text, with very long lines (934), with no line terminators Size 893 B (893 bytes) Hash 77584616d8779e58099cc6a4d3a19b42 24fd9ead8f9c0602df66b02878fabd6332723579 cfaf0aefaad45648fcd31885781b453faf1f7c9132fbbdf65d8b723b5c1f582c HTTP Headers GET /bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjM2MSwiaXNjbGVhbiI6MH0%3D&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0 HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com pragma: no-cache cache-control: no-cache cache: reload credentials: include DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 86400 access-control-allow-headers: Content-Type, Authorization, X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET images.mrlscr.com/735b0793a4ec4179051f28155f607002.gif	104.21.14.47	200 OK	5.9 kB
URL GET HTTP/2 images.mrlscr.com/735b0793a4ec4179051f28155f607002.gif IP 104.21.14.47:443 ASN #13335 CLOUDFLARENET Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com FingerprintBB:2B:9D:EF:E4:87:CD:E0:F4:AA:5D:78:75:A1:A1:11:68:6E:6E:D0 ValidityMon, 09 Dec 2024 04:57:40 GMT - Sun, 09 Mar 2025 04:57:39 GMT File type GIF image data, version 89a, 728 x 90 Size 5.9 kB (5939 bytes) Hash 735b0793a4ec4179051f28155f607002 63fb3404cb0058c7c36021e35245fd80af67c58d 165d60413f79dd9ada4a2a304faaee52d162afa2dfcd280edcd010aa249e548c HTTP Headers `GET /735b0793a4ec4179051f28155f607002.gif HTTP/1.1 Host: images.mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/gif content-length: 5939 last-modified: Wed, 13 Dec 2023 17:18:33 GMT etag: "735b0793a4ec4179051f28155f607002" x-amz-server-side-encryption: AES256 x-amz-version-id: dbN4aNIPjObJP3jHwzihHVcnKivlEQC1 x-cache: Miss from cloudfront via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 0L6LrLXEZMA1d99boPPse32MR0PxCmsEzlYPVUVEpAXe9fppNlAyuQ== cache-control: max-age=14400 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5nMOStPVBt5Ib3UEFMLOHvHPKSl5blhIkG1OwjogAqGvxNPtyefRRDuRQpFFsca6QL8pZNT0mY9UTf0i2maoZ73jyG%2FrZhCRcUX1wjOsbojh6sdUuQTziIxWZnfC2mAeE84jCw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 9044c40c3bb7b4ee-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1033&min_rtt=556&rtt_var=459&sent=26&recv=14&lost=0&retrans=0&sent_bytes=27218&recv_bytes=1365&delivery_rate=20539007&cwnd=237&unsent_bytes=0&cid=a075d56f257d9a50&ts=115&x=0" X-Firefox-Spdy: h2

	GET static.charmfling.com/common/avatar_characters/10.svg	104.21.51.197	200 OK	11 kB
URL GET HTTP/3 static.charmfling.com/common/avatar_characters/10.svg IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type Size 11 kB (11422 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /common/avatar_characters/10.svg HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: image/svg+xml vary: Accept-Encoding, Accept-Encoding last-modified: Thu, 23 Jan 2020 10:16:45 GMT etag: W/"a0abc1b3115f6ae54ec6e2093bf27b51" x-amz-version-id: null cache-control: max-age=315360000 expires: Thu, 31 Dec 2037 23:55:55 GMT access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 233570 priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OfU1%2BbllGIxvtN2aYxyeReS80CRVwEbJDe88jP3b0Sw7WZwmUejsdgFNSUsbQnM07fP1WP87vVwPh1i9jxiJFb0ORb1Vt655ufWBYmud6D%2Fo2u%2Bqw%2By9pmuhpUx0i0CJbjNCS56vFoU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4044b6656ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=13349&min_rtt=4992&rtt_var=7841&sent=18&recv=13&lost=0&retrans=0&sent_bytes=4364&recv_bytes=2349&delivery_rate=117968&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=418&x=1", cfExtPri, cfHdrFlush;dur=0

	POST api.icalendars.app/api/v1/firebase/popup	34.90.134.29	200 OK	41 B
URL POST HTTP/2 api.icalendars.app/api/v1/firebase/popup IP 34.90.134.29:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerZeroSSL Subjecticalendars.app Fingerprint4F:EF:53:D1:89:56:46:C9:D8:13:0C:2D:77:91:E2:AF:2A:0A:FA:A7 ValidityThu, 05 Dec 2024 00:00:00 GMT - Wed, 05 Mar 2025 23:59:59 GMT File type troff or preprocessor input, ASCII text, with no line terminators Size 41 B (41 bytes) Hash 626b6a2c96d5462eb9041060d8bd5964 2b46fa2428b8fbf5c9be8c42cb0e7f86ec5b6d8b 5000cf67806de79f503c52edf0263e7542a6aab78cc20703136b66d33dd79620 HTTP Headers POST /api/v1/firebase/popup HTTP/1.1 Host: api.icalendars.app User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 725 Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/json vary: Accept-Encoding cache-control: no-cache, private access-control-allow-origin: * content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET static.charmfling.com/desktop/resizeModule-3df307e03b.min.js	104.21.51.197	200 OK	499 B
URL GET HTTP/3 static.charmfling.com/desktop/resizeModule-3df307e03b.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (507), with no line terminators Size 499 B (499 bytes) Hash 38ef8c87ef6cad03e900ab9e82f1292f 240ead8279cd72cca1cdc0a3e374934726665776 c505832fc03e81e2d0734176942c3150a190cd6fbfec5f6961bf38070d44b726 HTTP Headers GET /desktop/resizeModule-3df307e03b.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:17 GMT vary: Accept-Encoding etag: W/"6788e8a1-1f3" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWeFzaIILF0uu8ImfAzP9rkJRc1gaDkEzLT8Qy3udpjCf51fdxccu0BzZ6mavUrSNWNBDAbKJMVbKi6oKQal6je1fuW7V25sz63vFN1Ry5elSkMoMTHIwCAvY3MRgxVVZvblUpY9u38%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c409ad8d56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=7021&min_rtt=1431&rtt_var=5644&sent=88&recv=51&lost=0&retrans=0&sent_bytes=55282&recv_bytes=18766&delivery_rate=959041&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1280&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/Dialog-4a654aa44a.min.js	104.21.51.197	200 OK	3.0 kB
URL GET HTTP/3 static.charmfling.com/desktop/Dialog-4a654aa44a.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (3061), with no line terminators Size 3.0 kB (3001 bytes) Hash 757c393c44e974699505203b1ea8c609 d7459380551a77622af899c1eac07044fe4e2119 340242e5beb24f298443467fdba9a220079133ea0c4872f8f3902b3cbd8c1900 HTTP Headers GET /desktop/Dialog-4a654aa44a.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 15:44:15 GMT vary: Accept-Encoding etag: W/"6789294f-bb9" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: MISS priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9KWMLePA0h60qafhqZnx4ogGH67jOrDbW5XFGknstWcCTK03x7uJk4DNlpU1sNTefqR9t6XA%2FR5iVKPaiZdRRsjr%2BnxLesQB8z%2Frv0qvsDd66kJypQqVXdGdXKhq1OZDdTbZo%2B8LsI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4075cca56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=12653&min_rtt=4992&rtt_var=7352&sent=61&recv=32&lost=0&retrans=0&sent_bytes=36828&recv_bytes=9236&delivery_rate=464270&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1015&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/doAction-2eb2f86630.min.js	104.21.51.197	200 OK	550 B
URL GET HTTP/3 static.charmfling.com/desktop/doAction-2eb2f86630.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (562), with no line terminators Size 550 B (550 bytes) Hash 820cc6091953436f5c7bdeb62267b729 27b9c12736448a3a182138f509ed8dc14c18b6a3 8f43deba72696fbe6dc032e8c2dfbc4738baf31192eeb72be92d7e15f1111310 HTTP Headers GET /desktop/doAction-2eb2f86630.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:50 GMT vary: Accept-Encoding etag: W/"6788e8c2-226" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HPbai7JoAG4zfoQVSbABfdKUJOTtUZlEWDAtSNX2tBvNY12ogWNZxHgYCHiCNbzPnzjUvGpbaPiXj9FdVAGjAOGEXF1C5%2Fkoan%2F5J5mO2hI9heXYxxz2vGCOWXblJpYa0nrXRKIMmaQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4085d2456ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=11257&min_rtt=1486&rtt_var=8306&sent=66&recv=36&lost=0&retrans=0&sent_bytes=39061&recv_bytes=11017&delivery_rate=1449019&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1067&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/nouislider-5aeb2d5cdd.min.js	104.21.51.197	200 OK	17 kB
URL GET HTTP/3 static.charmfling.com/desktop/nouislider-5aeb2d5cdd.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (16852) Size 17 kB (16907 bytes) Hash f61ca01c5bc73b7d73c74e849bddf060 c0d5ec9d5196fbe96ccac12a3473b4f7467172e6 7226e90908aaea97eb2c058b1ee9b632f76ca1358b4f39a4ba47fbef196e9da4 HTTP Headers GET /desktop/nouislider-5aeb2d5cdd.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-420b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=daCPlvLBGoiUHglN6Qk%2BPkjSX%2BaiYobB%2BCz1YIZGrKiXzYZ45mku7%2BaxTBY%2FEk7kiTVoDzW4E7VFerLBNEGsTjHt%2Fkuk0NOpEOHIcWOcbfymFOg883ESwGBW48%2BizzNWAY1rAWRQdzM%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c40a5dd256ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=5194&min_rtt=1431&rtt_var=3696&sent=110&recv=60&lost=0&retrans=0&sent_bytes=71678&recv_bytes=22066&delivery_rate=277410&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1385&x=1", cfExtPri, cfHdrFlush;dur=0

	GET mrlscr.com/bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjcsImlzY2xlYW4iOjB9&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0	34.90.10.178	200 OK	2.9 kB
URL GET HTTP/2 mrlscr.com/bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjcsImlzY2xlYW4iOjB9&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0 IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type HTML document, ASCII text, with very long lines (2982), with no line terminators Size 2.9 kB (2867 bytes) Hash f64026b1289878c6518f6d4252a167a8 16da9a4c01686a52ab12662d28459300305cb0b3 65f7b34e10f6d69f56002a8c60a20101930b63ef6446be203d000631642f0a77 HTTP Headers GET /bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjcsImlzY2xlYW4iOjB9&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0 HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com pragma: no-cache cache-control: no-cache cache: reload credentials: include DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 86400 access-control-allow-headers: Content-Type, Authorization, X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET static.charmfling.com/desktop/cookie-6ceda5d033.min.js	104.21.51.197	200 OK	736 B
URL GET HTTP/3 static.charmfling.com/desktop/cookie-6ceda5d033.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (764), with no line terminators Size 736 B (736 bytes) Hash bf90c0b82118f7db63b5e1e21ba553ba c8b415a6383868d13fda2b530ee445350bf12e9c 3089ef42e93273b6c3e9ad0d6eb27ea18001284e267f7977caecc68ea4cf51cc HTTP Headers GET /desktop/cookie-6ceda5d033.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:17 GMT vary: Accept-Encoding etag: W/"6788e8a1-2e0" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7JnGuua9RPqAg9jHN6SmoMdwpSuzdGVGTSa7v20i3h6HeqIq0xj3ozgq%2FvOl8dAr1DZwkKsv8NzhRxUYLwOXNjU16OI2COgwEX1TsoHmRKlumOo9N9gh47oul7d2zxN6gp0DozraCQo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4076cd056ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=13744&min_rtt=4992&rtt_var=6896&sent=59&recv=31&lost=0&retrans=0&sent_bytes=35459&recv_bytes=9192&delivery_rate=147964&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=920&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/modal-e85a38a7d9.min.js	104.21.51.197	200 OK	1.2 kB
URL GET HTTP/3 static.charmfling.com/desktop/modal-e85a38a7d9.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (1228), with no line terminators Size 1.2 kB (1208 bytes) Hash a58a6c9529069ed189815bd08391ded6 06a4ec54e2be42435623e439ad03ecbdd8aa4ada 88732640996ce83ef8c57b816e0618a2da6de962958e14a3b636fe97587cd4cc HTTP Headers GET /desktop/modal-e85a38a7d9.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:50 GMT vary: Accept-Encoding etag: W/"6788e8c2-4b8" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QkDlwI0cH4Z3kLV2f4cY6wz7QPNpUgT%2B%2FwMOHV152xvJ%2B8urMlPglirL%2BrXL9F0fV5TiUFbFOrOEunhKbO2du5HsNVDzh4nyJi%2FVGSAB%2FJGRN%2FyjsH%2BtMT7HfNp9f7dxS7Q5s85n91Y%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4076cce56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=13744&min_rtt=4992&rtt_var=6896&sent=57&recv=31&lost=0&retrans=0&sent_bytes=33888&recv_bytes=9192&delivery_rate=147964&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=919&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/IndexAction-c25a3c0246.min.js	104.21.51.197	200 OK	6.2 kB
URL GET HTTP/3 static.charmfling.com/desktop/IndexAction-c25a3c0246.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (6327), with no line terminators Size 6.2 kB (6179 bytes) Hash 76aba3cbfc9818794b36aae97337c0b5 f4cb04fb15fc258c898313bc8d99cc9a995c4f36 5471b26e62c188b78dc92d4c7229d694b5ec3bd20361228f2df3d129a2d85b7e HTTP Headers GET /desktop/IndexAction-c25a3c0246.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:17 GMT vary: Accept-Encoding etag: W/"6788e8a1-1823" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujxcNTwoPedNWn4frQ8JnAU23lrQrhBQOTjeWAKOfG1fHAFZa4Qxm1Y52lqce3Ufg7vt%2FDNzduqdlgf0L2HlTL8HGJG1KYoAX9DXSPx5h1IGdOvvWXml2uSGPl3YU%2BmY%2BcKHg6tyhbc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4094d6a56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=9392&min_rtt=1486&rtt_var=4918&sent=80&recv=44&lost=0&retrans=0&sent_bytes=48239&recv_bytes=14077&delivery_rate=179347&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1223&x=1", cfExtPri, cfHdrFlush;dur=0

	GET charmfling.com/reqcid?req_cid=23a16a054269feffa6289016bdeaa0fe	185.106.140.114	200 OK	0 B
URL GET HTTP/2 charmfling.com/reqcid?req_cid=23a16a054269feffa6289016bdeaa0fe IP 185.106.140.114:443 ASN #7979 SERVERS-COM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com FingerprintB0:E2:1C:6E:2B:80:00:D5:55:E3:1C:FB:DD:00:7D:7D:5B:80:CC:B9 ValidityMon, 02 Dec 2024 09:29:18 GMT - Sun, 02 Mar 2025 09:29:17 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /reqcid?req_cid=23a16a054269feffa6289016bdeaa0fe HTTP/1.1 Host: charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:36 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding accept-ch: Sec-CH-DPR,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64,Sec-CH-Viewport-Height,Sec-CH-Viewport-Width,Sec-CH-Width,Content-DPR,Device-Memory,DPR,Viewport-Width,Width permissions-policy: ch-ua=(self "https://api.icalendars.app"), ch-ua-mobile=(self "https://api.icalendars.app"), ch-ua-platform=(self "https://api.icalendars.app"), ch-ua-platform-version=(self "https://api.icalendars.app"), ch-ua-full-version=(self "https://api.icalendars.app"), ch-ua-full-version-list=(self "https://api.icalendars.app"), ch-ua-model=(self "https://api.icalendars.app"), ch-ua-arch=(self "https://api.icalendars.app"), ch-ua-bitness=(self "https://api.icalendars.app"), ch-ua-wow64=(self "https://api.icalendars.app") expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With x-frame-options: SAMEORIGIN content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2

	GET static.charmfling.com/desktop/z-74b4e24a8e.min.js	104.21.51.197	200 OK	24 kB
URL GET HTTP/3 static.charmfling.com/desktop/z-74b4e24a8e.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (24292) Size 24 kB (24338 bytes) Hash 9d8213e55d851eca7262ce8119703d69 944ae82ad4ea414a0f76cc98f7890f8039ec8b4c 6038ff112fa9b0e6470547a6c91e635a78ce52bdbe9f064010f80635bce05f8b HTTP Headers GET /desktop/z-74b4e24a8e.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:50 GMT vary: Accept-Encoding etag: W/"6788e8c2-5f12" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O22M%2BkQwm3t5EdivP1mK9cjNxrwjWvXGMYHyNwViwLfnNHb6z6Q4bXnbofwqYXzyrnOn7B2EoPqN1fDWFga5tgtaXxuf6GRm3bp6rfEQWtaeXJ7vpPSCFzIlOWAUgiNi9zjiEubiraA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4058c0e56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=11887&min_rtt=4992&rtt_var=4976&sent=37&recv=23&lost=0&retrans=0&sent_bytes=18254&recv_bytes=6161&delivery_rate=165233&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=618&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/chatPoll-79896c1668.min.js	104.21.51.197	200 OK	2.0 kB
URL GET HTTP/3 static.charmfling.com/desktop/chatPoll-79896c1668.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (1983), with no line terminators Size 2.0 kB (1963 bytes) Hash 81d43282ec4acc111874b9bfbe168e16 fee77648fa79289893c4c0a0f9c8e8057903dba9 a8acea44310f3219a12bc50b43797eab071da45dcf6b56bf9827069ea3b521fa HTTP Headers GET /desktop/chatPoll-79896c1668.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:50 GMT vary: Accept-Encoding etag: W/"6788e8c2-7ab" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2B6wGCCVJPqvjX0BtSdZKYTMzJ3oyA7dmfz9jSYg56dSE1cSMyfM%2FL1f1dY%2BVZnqzfwoIAKoWOMdP0X1ZkL9Q4o7AtbVy72lnpBbItzK03FHJD65eKijbyNHgwotAK7zCejvs59ZMO4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4076ccc56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=14038&min_rtt=4992&rtt_var=8409&sent=55&recv=30&lost=0&retrans=0&sent_bytes=32067&recv_bytes=9148&delivery_rate=225874&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=917&x=1", cfExtPri, cfHdrFlush;dur=0

	GET p.phts.io/spdexpdcewn6g4a2o00kg0sc4wk88wo.rx800.ef2bd3a081f16b36cd6491cf31cdfe0b.jpg	104.26.5.67	200 OK	143 kB
URL GET HTTP/2 p.phts.io/spdexpdcewn6g4a2o00kg0sc4wk88wo.rx800.ef2bd3a081f16b36cd6491cf31cdfe0b.jpg IP 104.26.5.67:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerLet's Encrypt Subjectphts.io Fingerprint45:D2:7A:8F:30:A1:88:D6:E4:74:A9:32:3D:63:FE:26:82:A2:2F:5E ValidityFri, 10 Jan 2025 00:31:31 GMT - Thu, 10 Apr 2025 00:31:30 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x800, components 3 Size 143 kB (142828 bytes) Hash 0c4696d12528ba345ad17114d1e5d04b 7341484f9001cd050700d8953c7bb82e02939776 0283f9ded3a716f8061ed7f3b8ab2cf01b1d8a42dfa6402f1481f1d99cc71d44 HTTP Headers `GET /spdexpdcewn6g4a2o00kg0sc4wk88wo.rx800.ef2bd3a081f16b36cd6491cf31cdfe0b.jpg HTTP/1.1 Host: p.phts.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/jpeg content-length: 142828 cache-control: public, max-age=315360000 cf-bgj: imgq:100,h2pri cf-polished: origSize=146445 expires: Thu, 31 Dec 2037 23:55:55 GMT strict-transport-security: max-age=15724800; includeSubDomains x-cache: HIT cf-cache-status: HIT age: 2708697 last-modified: Wed, 18 Dec 2024 22:03:41 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qG6LV5iHWZQgijTVEjpIWicMxZPM1FMgou0Rw%2ByTyhIj0IDfJmxp8TmYnSs%2BrP79O917dzG1oI4MBHhLek9HKznqs8UlvsvLpvzSOMw7dpfn5Ia90WiFsxkY6A%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 9044c40b8dbdb50b-OSL server-timing: cfL4;desc="?proto=TCP&rtt=730&min_rtt=434&rtt_var=525&sent=13&recv=11&lost=0&retrans=0&sent_bytes=10484&recv_bytes=1360&delivery_rate=6374842&cwnd=253&unsent_bytes=0&cid=ca2a959f4112628b&ts=95&x=0" X-Firefox-Spdy: h2

	GET mrlscr.com/utp/8fa5208974f8133e73da8c1016e33e23ce374fe1fcc4a772ea111b34694201a2	34.90.10.178	200 OK	134 B
URL GET HTTP/2 mrlscr.com/utp/8fa5208974f8133e73da8c1016e33e23ce374fe1fcc4a772ea111b34694201a2 IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type ASCII text, with no line terminators Size 134 B (134 bytes) Hash c9d438e716435904bdc1630131a74705 d9f5fa649c0e466decb6586dda0a079d7127c88f 3fd2546c23893d4a5b9a095007977d0eed932c2765943d84805bf8bea767e106 HTTP Headers GET /utp/8fa5208974f8133e73da8c1016e33e23ce374fe1fcc4a772ea111b34694201a2 HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Cookie: dia=92664698f3fc5c0be0c655ac5e8edf26; hasTP=eyJ0cmFmZmljSnVuayI6IjEiLCJjaGVhcFB1cmNoYXNlQnlQZSI6IjEifQ== Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/jpeg cache-control: no-cache, private access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 86400 access-control-allow-headers: Content-Type, Authorization, X-Requested-With strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET static.charmfling.com/desktop/ui_icons/0811-cross.svg	104.21.51.197	200 OK	308 B
URL GET HTTP/3 static.charmfling.com/desktop/ui_icons/0811-cross.svg IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type SVG Scalable Vector Graphics image Size 308 B (308 bytes) Hash 8fe9393424849536a650687769ce6d81 187fc75bf455e4ad5e13b16713680d693b47d9db 7b824053f7eb3cb8c1a53e062c6df7bf37f5b4d022487f72f4c793d69ccb7741 HTTP Headers GET /desktop/ui_icons/0811-cross.svg HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://static.charmfling.com/desktop/app-061d07e1d2.min.css Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: image/svg+xml last-modified: Thu, 16 Jan 2025 11:08:50 GMT vary: Accept-Encoding etag: W/"6788e8c2-134" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rpSiBaK08gudDDyRN6HihGb%2B92u%2FWwnCkYfTBcWDk4IEahnQ3tV7r3JbEWHoLqWW0xmyckX%2BEa6bwypiCnxG4OWgJDgYD61Dv0I%2BmY0w11ucBvs7V5s0Shhk6Em0VqCbPUvhfhGWvKI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4045b7156ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=12976&min_rtt=4992&rtt_var=6626&sent=28&recv=16&lost=0&retrans=0&sent_bytes=13176&recv_bytes=3630&delivery_rate=17392&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=431&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/images/fresh/notification_ic.svg	104.21.51.197	200 OK	556 B
URL GET HTTP/3 static.charmfling.com/desktop/images/fresh/notification_ic.svg IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type SVG Scalable Vector Graphics image Size 556 B (556 bytes) Hash 032a6ec051b5795c9879883e53e6ee14 fff6f4546082bca82ac7858842c42ff862438bd7 5ceda4d226e03d72cca2367965603716a8e5cbb9235e1c6fd9bf17a427aee335 HTTP Headers GET /desktop/images/fresh/notification_ic.svg HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://static.charmfling.com/desktop/app-061d07e1d2.min.css Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/svg+xml vary: Accept-Encoding, Accept-Encoding last-modified: Wed, 22 Jan 2020 12:49:42 GMT etag: W/"23f9c882dc2705b2e827ca650a0552aa" x-amz-version-id: null cache-control: max-age=315360000 expires: Thu, 31 Dec 2037 23:55:55 GMT access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wcQFhsZGZbd3rXyMoqsGlGNhmUL%2FxkuVyxDpIk3SBS02QC6yAXm6PKcUALwP3M9Z4dNUYDGF6L1Ccabcn2h23MjqyYkYzm2vEpFUR5ysDbeuYfxTPZmVmTyneV%2F4lfGYh7Hg3z9bCZg%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c40aee1d56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=3702&min_rtt=1431&rtt_var=2701&sent=129&recv=69&lost=0&retrans=0&sent_bytes=85422&recv_bytes=25446&delivery_rate=825687&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1483&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/helper-5ef962b299.min.js	104.21.51.197	200 OK	597 B
URL GET HTTP/3 static.charmfling.com/desktop/helper-5ef962b299.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (603), with no line terminators Size 597 B (597 bytes) Hash 8f99d24487e6b2409d68779cba8ec0b6 2dcdc5b42f3c4a2c1e14ed76bf379e5f17205adb e90d3acdf8715737676e358f0f68dbcc0c9980502687b58e25907e40111a6286 HTTP Headers GET /desktop/helper-5ef962b299.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:17 GMT vary: Accept-Encoding etag: W/"6788e8a1-255" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4D9cDSBpxniPIQRmZxSbDHDF%2FcKArxxpyMLzzSKh8En%2F2Z3JOzB%2FfNR33%2BaYyjoQevtxk8gZzofuYV1XDQq%2BUuKPpBINE9vybyqHPdKn9ljsaeL%2Bt7Tf8lYronyPhcCua9AGv7Q6Xak%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c409ad9456ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=6846&min_rtt=1431&rtt_var=4584&sent=96&recv=53&lost=0&retrans=0&sent_bytes=61210&recv_bytes=19574&delivery_rate=208738&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1283&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/Notify-ee072f6f5c.min.js	104.21.51.197	200 OK	3.4 kB
URL GET HTTP/3 static.charmfling.com/desktop/Notify-ee072f6f5c.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (3549), with no line terminators Size 3.4 kB (3447 bytes) Hash c410819cb457e1186be7f49bd2975c2a 455e74f134539d11f4e79bbb7773339642aa6e48 f911ec9e0df7ed77d3a0c080fd078388850828c8312ad28084a9a1ad9be1320b HTTP Headers GET /desktop/Notify-ee072f6f5c.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-d77" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDC%2FIYR8neYr%2BA2YVVbSjU1Ox0UJYRXZnPk0ONKpegUq%2Bbn9jjaYnPqsnEBjRLPu%2FdQcTt6IocGREaa%2F66GLLwFQth6JnDgoLEPa15dC6myapF8T5o7C7LHNlOnBGfLVtP15shM3HlE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4095d6c56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=9392&min_rtt=1486&rtt_var=4918&sent=83&recv=44&lost=0&retrans=0&sent_bytes=51420&recv_bytes=14077&delivery_rate=179347&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1224&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/bLazy-ff72535614.min.js	104.21.51.197	200 OK	4.3 kB
URL GET HTTP/3 static.charmfling.com/desktop/bLazy-ff72535614.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (4379), with no line terminators Size 4.3 kB (4303 bytes) Hash e5273e521317df6b47b87819ae8006b7 c2f45242c976352b77136e0b50e8df5069812798 b317d570afad6c3fb16c4f20fb2af1dad3e82ac69b28262d29f2e758ca0daa5b HTTP Headers GET /desktop/bLazy-ff72535614.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:17 GMT vary: Accept-Encoding etag: W/"6788e8a1-10cf" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XnqcXMwlxZffnugRIUKgriVVwzVnrEtpk8chfiwU0M7G5cWV5h%2B%2BsIWmfbxJX%2FUv7i80%2Fgqq31CX6vrMF%2BSEuXw8CAkYFYWrsLNgxhmRKwZlAZExu5UrpiSYeYMJm45c1iStbBVBUvI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c409ad8f56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=7021&min_rtt=1431&rtt_var=5644&sent=91&recv=52&lost=0&retrans=0&sent_bytes=56588&recv_bytes=19528&delivery_rate=959041&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1282&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/avatarPreload-f9c50aa97e.min.js	104.21.51.197	200 OK	1.4 kB
URL GET HTTP/3 static.charmfling.com/desktop/avatarPreload-f9c50aa97e.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (1466), with no line terminators Size 1.4 kB (1427 bytes) Hash 5bcfad9136fda4400d9fa90880dcfd1f c7d921bcb64e361bf2f33ccb1cbcc82ff7f27daa 56196af30c2f097867ad3e124dbe991f854c59627017f9eea4d8abfc47e0d991 HTTP Headers GET /desktop/avatarPreload-f9c50aa97e.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:50 GMT vary: Accept-Encoding etag: W/"6788e8c2-593" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJaEtPfUeMYnZEVX6ZvWSNyVX7LrN5qhoPAvxJ3p4jJkd6RNU9g9%2BjlSTsSSh2QQmH6ngaxRzeCNlZcWkp%2FBd802CMlLpiU8PWPMvMNFua%2FqFnSXtB%2F6X5TRjgELx3e%2FJYce%2Bm%2BavRw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c409ad9256ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=6846&min_rtt=1431&rtt_var=4584&sent=98&recv=53&lost=0&retrans=0&sent_bytes=62548&recv_bytes=19574&delivery_rate=208738&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1283&x=1", cfExtPri, cfHdrFlush;dur=0

	GET mrlscr.com/bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjEyLCJpc2NsZWFuIjowfQ%3D%3D&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0	34.90.10.178	200 OK	1.3 kB
URL GET HTTP/2 mrlscr.com/bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjEyLCJpc2NsZWFuIjowfQ%3D%3D&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0 IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type HTML document, ASCII text, with very long lines (1369), with no line terminators Size 1.3 kB (1314 bytes) Hash 0854627a116c2b8dd354e74f62467d3c e1347b9c0617fd3a6fb1201fd9c45220f217d00a 5a53713af5e220d16a18cc51d3013c88826057a516dd97bd5628a51a072d0539 HTTP Headers GET /bn?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com&nm=eyJ6b25laWQiOjEyLCJpc2NsZWFuIjowfQ%3D%3D&reason=dom_load&prod_ad_id=92664698f3fc5c0be0c655ac5e8edf26&click_id=&is_clean=0 HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com pragma: no-cache cache-control: no-cache cache: reload credentials: include DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: no-cache, private access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 86400 access-control-allow-headers: Content-Type, Authorization, X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET static.charmfling.com/desktop/ui_icons/0141-heart-red.svg	104.21.51.197	200 OK	784 B
URL GET HTTP/3 static.charmfling.com/desktop/ui_icons/0141-heart-red.svg IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type SVG Scalable Vector Graphics image Size 784 B (784 bytes) Hash 6ce4d3fe1f70eb0a9ecc05f04993e88c 20c392f44f5e866c9e4ddc0b7a42e9d4dfdf2381 83e8f429f7cd9a27f42e081a8452ffa43ace5ecca84d24e48b80d70f60fe3d0f HTTP Headers GET /desktop/ui_icons/0141-heart-red.svg HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://static.charmfling.com/desktop/app-061d07e1d2.min.css Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: image/svg+xml last-modified: Thu, 16 Jan 2025 11:08:17 GMT vary: Accept-Encoding etag: W/"6788e8a1-310" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XGRxUYZpchBRRvtIt3C6dzCs%2FL8vl4E9IBKVI8%2FGYXB9H4GZavCCXgQxUe8qv38IkC6er%2FwS3hio5YbPFYMnEujoyh0mzKMRtuPdQPaUs58Cu%2FmXSPV1oEBGR3WRq%2BN2dmlJDAtv4fQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4046b7856ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=12392&min_rtt=4992&rtt_var=6136&sent=31&recv=19&lost=0&retrans=0&sent_bytes=14349&recv_bytes=4919&delivery_rate=338931&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=439&x=1", cfExtPri, cfHdrFlush;dur=0

	GET mrlscr.com/utp/9d95c65947eccec03c1e0a8ab84461a6ffa962849690ec06ed79732fee70867c	34.90.10.178	200 OK	134 B
URL GET HTTP/2 mrlscr.com/utp/9d95c65947eccec03c1e0a8ab84461a6ffa962849690ec06ed79732fee70867c IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type ASCII text, with no line terminators Size 134 B (134 bytes) Hash c9d438e716435904bdc1630131a74705 d9f5fa649c0e466decb6586dda0a079d7127c88f 3fd2546c23893d4a5b9a095007977d0eed932c2765943d84805bf8bea767e106 HTTP Headers GET /utp/9d95c65947eccec03c1e0a8ab84461a6ffa962849690ec06ed79732fee70867c HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Cookie: dia=92664698f3fc5c0be0c655ac5e8edf26; hasTP=eyJ0cmFmZmljSnVuayI6IjEiLCJjaGVhcFB1cmNoYXNlQnlQZSI6IjEifQ== Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/jpeg cache-control: no-cache, private access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 86400 access-control-allow-headers: Content-Type, Authorization, X-Requested-With strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET static.charmfling.com/desktop/globalEventsSystem-c7f722e0a1.min.js	104.21.51.197	200 OK	3.3 kB
URL GET HTTP/3 static.charmfling.com/desktop/globalEventsSystem-c7f722e0a1.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (3374), with no line terminators Size 3.3 kB (3278 bytes) Hash 8b8888115df7d1e48286a17b38929a98 2a1fc4d904d71a013b7853d899609b2dccd5c243 188cc24b0acc66e93f90fba31804a0b9e720e6b0f0e24cbd958f95368a5fb53a HTTP Headers GET /desktop/globalEventsSystem-c7f722e0a1.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-cce" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FEjJ0f1DSiRoU5cg5U2GmRPQY9rQl0ixDlhutiBwHyUMYDwe0GP%2BGjgTbmV6NYwnOdO4GI7ZfcLnmr%2Fb2JsdSI5CRhwyxHEqNDCCcPbBX325LdxwzvNT9OHxjm%2BW9%2FE0JeWDjcBYjE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4076ccb56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=14719&min_rtt=4992&rtt_var=9397&sent=53&recv=29&lost=0&retrans=0&sent_bytes=29815&recv_bytes=9104&delivery_rate=314955&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=915&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/template7-ec91a93435.min.js	104.21.51.197	200 OK	6.5 kB
URL GET HTTP/3 static.charmfling.com/desktop/template7-ec91a93435.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (6798), with no line terminators Size 6.5 kB (6489 bytes) Hash 646392f05e2fa5a9b0b432c4b1e729ac c9845486329c142286d818600733c70529b2914d bd65c8ba3ce34c4d467de3c4546ad337401855ecb195d431c182e64de15cb33c HTTP Headers GET /desktop/template7-ec91a93435.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-1959" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4RKHNmVCpUm%2FeCFJ19UMks96hmzWixI05cmdY8FQzN4hEVbuKvhltb0riXhzWYVCP9EZK8ZuSVuhoqPiIRfkY%2BuvxkCahF4vO5FQMVB0zfZZ3bnU7YdJ%2BvQDi%2FPxAYlNguc%2B2tcOPwU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c40a2dc656ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=5674&min_rtt=1431&rtt_var=3649&sent=105&recv=57&lost=0&retrans=0&sent_bytes=68297&recv_bytes=20479&delivery_rate=1059366&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1365&x=1", cfExtPri, cfHdrFlush;dur=0

	GET cdn.icalendars.app/sdk_product.js?v=12	104.21.32.1	200 OK	122 kB
URL GET HTTP/2 cdn.icalendars.app/sdk_product.js?v=12 IP 104.21.32.1:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjecticalendars.app FingerprintB6:04:28:4E:8D:7C:E3:CF:4A:1D:72:B3:AC:0B:99:88:49:3F:8F:A3 ValidityFri, 13 Dec 2024 08:54:13 GMT - Thu, 13 Mar 2025 09:51:56 GMT File type JavaScript source, ASCII text, with very long lines (65467) Size 122 kB (121622 bytes) Hash b7a3653a4c91e28d6c1f6381033fa9bd bc605bb85bc0f61c4c198fd4e63bbfe7b19df841 f17e84625e0920d7d2d06d60c8474750f90251a4042a0d522329f28b80028122 HTTP Headers `GET /sdk_product.js?v=12 HTTP/1.1 Host: cdn.icalendars.app User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:36 GMT content-type: application/javascript last-modified: Fri, 25 Oct 2024 13:19:53 GMT vary: Accept-Encoding etag: W/"671b9af9-1db16" expires: Sun, 19 Jan 2025 07:22:07 GMT cache-control: max-age=14400 content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 7589 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2FyAFeZaKb9zLaapStvCtCywM4Fyw8OwXc669elKY21yafwMQWGA2n2Pks0Oabsc5Aq0%2BdQhbIRqRt%2But45yg8HGqZbauMNyHvhiOLuyLk9MrtvrilJYblLOKNy5oOPjuHf0fLY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c401b96f5689-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=653&min_rtt=412&rtt_var=347&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3206&recv_bytes=1066&delivery_rate=6819466&cwnd=254&unsent_bytes=0&cid=bfcb72b08a92b35b&ts=81&x=0" X-Firefox-Spdy: h2

	GET static.charmfling.com/desktop/mtdsCollectEmail-186bcff1f0.min.css	104.21.51.197	200 OK	1.4 kB
URL GET HTTP/3 static.charmfling.com/desktop/mtdsCollectEmail-186bcff1f0.min.css IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type ASCII text, with very long lines (1364), with no line terminators Size 1.4 kB (1364 bytes) Hash 74a00c3c2a5f5f3c1e9a3d834310c54d c5a393ca0674c332ef1644a42e3054e0e55eaefb 6da956647a368f6078b4e7adbeda6706cc9cc796f59acabc3c26066c439420d9 HTTP Headers GET /desktop/mtdsCollectEmail-186bcff1f0.min.css HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: text/css last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-554" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=2,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XLtB7r%2BMKPPbp8sUdJqnMaGh%2FDitoF3ViMHe4%2FrN3YDvXZwgWKs4BzoGb3NSRe%2Bk2EoUHCK5vG6gIprPHCiILwYoPF1SEOJB3js4uzC3kZ43W2dF6b7CjP86el%2BN9VQiolSUIQOQVLU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c40a7ded56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=4232&min_rtt=1431&rtt_var=3160&sent=124&recv=66&lost=0&retrans=0&sent_bytes=82358&recv_bytes=24542&delivery_rate=938436&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1409&x=1", cfExtPri, cfHdrFlush;dur=0

	GET myblackkarma.com/6630e85dd29e0500013b25f7?pubid=620b95db9b851500013fdeac&adwpl=89626&ref_id=4971289cefbd4b839bf1af87de07c742	116.203.80.157	302 Found	72 kB
URL User Request GET HTTP/1.1 myblackkarma.com/6630e85dd29e0500013b25f7?pubid=620b95db9b851500013fdeac&adwpl=89626&ref_id=4971289cefbd4b839bf1af87de07c742 IP 116.203.80.157:443 ASN #24940 Hetzner Online GmbH Certificate IssuerLet's Encrypt Subjectmyblackkarma.com FingerprintD6:87:95:2C:60:2B:C2:B2:5D:15:24:A1:06:42:54:8F:E8:25:55:72 ValidityThu, 26 Dec 2024 13:45:26 GMT - Wed, 26 Mar 2025 13:45:25 GMT File type Size 72 kB (72331 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /6630e85dd29e0500013b25f7?pubid=620b95db9b851500013fdeac&adwpl=89626&ref_id=4971289cefbd4b839bf1af87de07c742 HTTP/1.1 Host: myblackkarma.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdgaeja.mypersnaloffer.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Content-Length: 198 Connection: close Location: https://m.charmfling.com/entry?param=1&hash=a45371cfd4390642da79196e8e89a8fe&p=40350&adwpl=89626&cid=678c9b935f5bebd399b7c903&camp=6630e85dd29e0500013b25f7 Set-Cookie: redcmps=W3siaWQiOiI2NjMwZTg1ZGQyOWUwNTAwMDEzYjI1ZjciLCJ0IjoiMjAyNS0wMS0xOVQwNjoyODozNS45MTQ3ODQxNThaIn1d; Path=/; Domain=myblackkarma.com; Expires=Mon, 20 Jan 2025 06:28:35 GMT; Secure; SameSite=None redhash=Njc4YzliOTM1ZjViZWJkMzk5YjdjOTAzfDJ8NjYzMGU4NWRkMjllMDUwMDAxM2IyNWY3fHwzZTEzYjQ4YS1kNmNkLTRkNDAtODYwNy0yNDgyNzk5ZmM2ZTR8MTczNzI2ODExNQ==; Path=/; Domain=myblackkarma.com; Expires=Mon, 19 Jan 2026 06:28:35 GMT; Secure; SameSite=None Date: Sun, 19 Jan 2025 06:28:35 GMT Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length,Content-Range X-Kong-Upstream-Latency: 31 X-Kong-Proxy-Latency: 0 X-Kong-Request-Id: d0f6ca07b561505c74a64017ad69831d

	GET static.charmfling.com/desktop/autocomplete-d366183edb.min.js	104.21.51.197	200 OK	4.9 kB
URL GET HTTP/3 static.charmfling.com/desktop/autocomplete-d366183edb.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (4970), with no line terminators Size 4.9 kB (4891 bytes) Hash 8834b59757d488f1eedf1f73a0e9825a 33802056a0b78ff064e6dcedabca5f8d142c73ac ad9c81d4c5219f617daf1a99ed8ad6e7ec2b690979b88eeea526f96ac38cc662 HTTP Headers GET /desktop/autocomplete-d366183edb.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:50 GMT vary: Accept-Encoding etag: W/"6788e8c2-131b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SeN3r342xBVXa1H7ovoPhliXCN0KfCmyNT84vEsPgBB4%2F8QBZToI2TPo3SU1sy10TkieQHJHuap%2BDFQOB%2B%2B9Hj%2Fi0AAh0gGGYelwD3vB9rUpPXE62uFOwp8%2BDeuBrkg7%2BwvmqM0zYGw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c40afe2456ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=3695&min_rtt=1431&rtt_var=2039&sent=132&recv=71&lost=0&retrans=0&sent_bytes=86804&recv_bytes=26261&delivery_rate=129932&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1490&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/modalCss-4f55ea8bae.min.css	104.21.51.197	200 OK	763 B
URL GET HTTP/3 static.charmfling.com/desktop/modalCss-4f55ea8bae.min.css IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type ASCII text, with very long lines (763), with no line terminators Size 763 B (763 bytes) Hash 932fc3a110087082c204102226aeb241 f4ecf2e485e56f4c6facf935b6dff00f7b5f843a 051dc1c5ef8202a6cbc60c850123104312e05f1e4027b26c6229527de3bd8d3f HTTP Headers GET /desktop/modalCss-4f55ea8bae.min.css HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: text/css last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-2fb" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=2,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBnE%2FkNvzXOQql%2FFQFwLxcKFUp%2FNl7LQnZWPdeIvHO9WgmXrQZ9bnCbCOmt%2B1GIoO8%2BgBdbYJJBfUkgqCxkDx7%2F7Fn3fq00asbo2XHbjmQjOJx%2F5NiwpMqiSXkuRNOtR8iFPPBSWeqE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c40a6de656ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=4629&min_rtt=1431&rtt_var=3155&sent=120&recv=63&lost=0&retrans=0&sent_bytes=80940&recv_bytes=22934&delivery_rate=1281908&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1396&x=1", cfExtPri, cfHdrFlush;dur=0

	POST charmfling.com/notify	185.106.140.114	200 OK	0 B
URL POST HTTP/2 charmfling.com/notify IP 185.106.140.114:443 ASN #7979 SERVERS-COM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com FingerprintB0:E2:1C:6E:2B:80:00:D5:55:E3:1C:FB:DD:00:7D:7D:5B:80:CC:B9 ValidityMon, 02 Dec 2024 09:29:18 GMT - Sun, 02 Mar 2025 09:29:17 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /notify HTTP/1.1 Host: charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 43 Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; user_id=831400050; is_generated=0; product_id=4; receiver_id=768360077200930975; product_receiver_id=175931550; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding accept-ch: Sec-CH-DPR,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64,Sec-CH-Viewport-Height,Sec-CH-Viewport-Width,Sec-CH-Width,Content-DPR,Device-Memory,DPR,Viewport-Width,Width permissions-policy: ch-ua=(self "https://api.icalendars.app"), ch-ua-mobile=(self "https://api.icalendars.app"), ch-ua-platform=(self "https://api.icalendars.app"), ch-ua-platform-version=(self "https://api.icalendars.app"), ch-ua-full-version=(self "https://api.icalendars.app"), ch-ua-full-version-list=(self "https://api.icalendars.app"), ch-ua-model=(self "https://api.icalendars.app"), ch-ua-arch=(self "https://api.icalendars.app"), ch-ua-bitness=(self "https://api.icalendars.app"), ch-ua-wow64=(self "https://api.icalendars.app") expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With x-frame-options: SAMEORIGIN content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2

	GET mrlscr.com/utp/e2349ac733231a949a1de04b6d0449b8278d1cf2b00d12a516a8d2f4e7c07c8c	34.90.10.178	200 OK	134 B
URL GET HTTP/2 mrlscr.com/utp/e2349ac733231a949a1de04b6d0449b8278d1cf2b00d12a516a8d2f4e7c07c8c IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com Fingerprint85:3E:D5:1E:72:41:8F:EE:35:64:D3:CF:09:7C:EA:79:3B:52:CC:45 ValiditySun, 15 Dec 2024 04:50:33 GMT - Sat, 15 Mar 2025 04:50:32 GMT File type ASCII text, with no line terminators Size 134 B (134 bytes) Hash c9d438e716435904bdc1630131a74705 d9f5fa649c0e466decb6586dda0a079d7127c88f 3fd2546c23893d4a5b9a095007977d0eed932c2765943d84805bf8bea767e106 HTTP Headers GET /utp/e2349ac733231a949a1de04b6d0449b8278d1cf2b00d12a516a8d2f4e7c07c8c HTTP/1.1 Host: mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Cookie: dia=92664698f3fc5c0be0c655ac5e8edf26; hasTP=eyJ0cmFmZmljSnVuayI6IjEiLCJjaGVhcFB1cmNoYXNlQnlQZSI6IjEifQ== Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/jpeg cache-control: no-cache, private access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 86400 access-control-allow-headers: Content-Type, Authorization, X-Requested-With strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET static.charmfling.com/desktop/dom-83e622c736.min.js	104.21.51.197	200 OK	5.1 kB
URL GET HTTP/3 static.charmfling.com/desktop/dom-83e622c736.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (5175), with no line terminators Size 5.1 kB (5060 bytes) Hash 78e4e87a625383f246a7ae5505607853 63fdc2b3f21f3b21971033143fb7bae579f379cc e2a4569410395058b3760d0aec4ddafd5e3f686c55cc5c4276b6da5e3e02c7a4 HTTP Headers GET /desktop/dom-83e622c736.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 15:44:15 GMT vary: Accept-Encoding etag: W/"6789294f-13c4" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 168040 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZLayqLBG2LJo77NnKqQ39J1IuTg7ABza9ej8bZgDEmDYD6SHUwJq8Ib8Sm8HTUn1AbEqK%2BawrOB52XyViDpr3QpWMQi4xMh5hkAE6DsH4S9nl86zDonLAfet%2FtAce1zYnpWUN4Uy9Os%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4085d2956ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=9916&min_rtt=1486&rtt_var=7258&sent=71&recv=38&lost=0&retrans=0&sent_bytes=43595&recv_bytes=11104&delivery_rate=451108&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1072&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/nanobar-1615024339.min.js	104.21.51.197	200 OK	1.3 kB
URL GET HTTP/3 static.charmfling.com/desktop/nanobar-1615024339.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (1376), with no line terminators Size 1.3 kB (1342 bytes) Hash 7957cd9406ee944ee0885c4ad56d963d 88bab107ef316bf350cba6e3bf1e77b3c89de173 64f235183b3b08646147699a72b9ad6dd22158cda615b0f7e107236a101def49 HTTP Headers GET /desktop/nanobar-1615024339.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-53e" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDrbRjztJtZsGsgT6D8hPgq715EBWsYSEfLlpGJ2ctlJZmT4ae4BPXidUybbaDVj9%2B7x0nH4yXUPxc9s81gP7%2BcMQ0hCCOr4rGfqu41er%2BYQoM0Qqn3w5R%2FWW333tIXBQsbjX3u89GA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c408dd3e56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=9491&min_rtt=1486&rtt_var=6293&sent=75&recv=40&lost=0&retrans=0&sent_bytes=46528&recv_bytes=11727&delivery_rate=414874&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1152&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/browser-8288e3819e.min.js	104.21.51.197	200 OK	1.5 kB
URL GET HTTP/3 static.charmfling.com/desktop/browser-8288e3819e.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (1594), with no line terminators Size 1.5 kB (1528 bytes) Hash 57b1f9d68cc0ef79a73d5787245dd72a d00473c930149fa0618ebd38e2190a535aef6ec9 a00a3c450602be80dac4da99c777249159613fe601f1adbfce300b51b0d1d27e HTTP Headers GET /desktop/browser-8288e3819e.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-5f8" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CD41sC22joctbnu6ufvCY%2FinUmF867eLLfVIxg27sv3J%2F8KeTRY7FTCed%2FMKZfGp5fE1ktpAhXi0q5AgLJLucLOQadxhxvdAtKTRIbbRW0PJzlH4TiDie3eGo2DLy6cPFeMuS9YqQDg%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4058c0f56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=11887&min_rtt=4992&rtt_var=4976&sent=46&recv=23&lost=0&retrans=0&sent_bytes=28139&recv_bytes=6161&delivery_rate=165233&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=619&x=1", cfExtPri, cfHdrFlush;dur=0

	GET domdengo.com/jnk?user_id=831400050&partner_event_id=40350&sub_id=4358319617&host=charmfling.com&domain=domdengo.com&status=ok	34.90.10.178	200 OK	0 B
URL GET HTTP/2 domdengo.com/jnk?user_id=831400050&partner_event_id=40350&sub_id=4358319617&host=charmfling.com&domain=domdengo.com&status=ok IP 34.90.10.178:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectdomdengo.com Fingerprint07:C2:6A:20:65:AF:E7:3E:3A:BC:94:90:6B:BC:3A:9C:82:37:1B:1E ValiditySat, 07 Dec 2024 03:12:41 GMT - Fri, 07 Mar 2025 03:12:40 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /jnk?user_id=831400050&partner_event_id=40350&sub_id=4358319617&host=charmfling.com&domain=domdengo.com&status=ok HTTP/1.1 Host: domdengo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://charmfling.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/json vary: Accept-Encoding cache-control: no-cache, private access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-credentials: true access-control-max-age: 86400 access-control-allow-headers: Content-Type, Authorization, X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET static.charmfling.com/desktop/notificationsCenter-161c11c51f.min.js	104.21.51.197	200 OK	2.7 kB
URL GET HTTP/3 static.charmfling.com/desktop/notificationsCenter-161c11c51f.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (2828), with no line terminators Size 2.7 kB (2724 bytes) Hash be3898e194b1995c854ea96906cf01b6 07b19947a33394462f6416c77c4b0449b63a3027 a90d9639b317cef11c7d5cf9c66a5922ffce14347e2da1bfcd35f689ee46c121 HTTP Headers GET /desktop/notificationsCenter-161c11c51f.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:17 GMT vary: Accept-Encoding etag: W/"6788e8a1-aa4" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains age: 240066 cf-cache-status: HIT priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJ7hqs%2BlyabHjq5bwNsXT81GbIMWGWsqHiZMWkKhb18PgDUCtSnCC6R%2BgM8F%2F6e1vbPhjyim980X8lR5Sl2IhlXkHOVUUuR6yqUypSEKqIp7aXXkH%2B1kCxu6zEghzhzcSEbfAhOvEi4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c409ad9356ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=6846&min_rtt=1431&rtt_var=4584&sent=94&recv=53&lost=0&retrans=0&sent_bytes=59247&recv_bytes=19574&delivery_rate=208738&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1282&x=1", cfExtPri, cfHdrFlush;dur=0

	GET images.mrlscr.com/49dc1e143cecc13a5712ae7dc00f516b.gif	104.21.14.47	200 OK	23 kB
URL GET HTTP/2 images.mrlscr.com/49dc1e143cecc13a5712ae7dc00f516b.gif IP 104.21.14.47:443 ASN #13335 CLOUDFLARENET Requested by https://mrlscr.com/tcr?v=50&publisher=1&dia=92664698f3fc5c0be0c655ac5e8edf26&diu=831400050&host=charmfling.com Certificate IssuerGoogle Trust Services Subjectmrlscr.com FingerprintBB:2B:9D:EF:E4:87:CD:E0:F4:AA:5D:78:75:A1:A1:11:68:6E:6E:D0 ValidityMon, 09 Dec 2024 04:57:40 GMT - Sun, 09 Mar 2025 04:57:39 GMT File type GIF image data, version 89a, 970 x 90 Size 23 kB (22703 bytes) Hash 49dc1e143cecc13a5712ae7dc00f516b 4037f9690768aab6f5b12ce95b16e9a006aff9ab 0221be943e79d619f20c1fd5529b331e967cba0dd7287341f592d3aed8291c64 HTTP Headers `GET /49dc1e143cecc13a5712ae7dc00f516b.gif HTTP/1.1 Host: images.mrlscr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://mrlscr.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: image/gif content-length: 22703 last-modified: Wed, 13 Dec 2023 16:52:36 GMT etag: "49dc1e143cecc13a5712ae7dc00f516b" x-amz-server-side-encryption: AES256 x-amz-version-id: SJ2r6gKeHh7btJ0geZmzrPc4lUzlXmh7 x-cache: Hit from cloudfront via: 1.1 c76d87fd83a704b78afc1028fc7bcea2.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P2 x-amz-cf-id: ZVClUGkEf4qIl_-xunHq1f1wmR4QXgv8aqsI_Ml4F408b6Z5vEhDHA== age: 3758 cache-control: max-age=14400 cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKQ6vB%2BEDfgpmq%2BqZhjHnt8Yl6Urtm8NMkQyPr0CZYBHkQoB4wke3wsFFybQDh4fa7GKoPx6j6JkSHb0Xnl7ed%2Fn5xtOFzFVrFfsUB8NssAtjQnZVulypIu%2F25WZzC1P8XJjyA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 9044c40c2bafb4ee-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1000&min_rtt=556&rtt_var=522&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3195&recv_bytes=1180&delivery_rate=7180165&cwnd=237&unsent_bytes=0&cid=a075d56f257d9a50&ts=45&x=0" X-Firefox-Spdy: h2

	GET static.charmfling.com/desktop/app-061d07e1d2.min.css	104.21.51.197	200 OK	190 kB
URL GET HTTP/2 static.charmfling.com/desktop/app-061d07e1d2.min.css IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 190 kB (189919 bytes) Hash 86ff34a7ed70f7b267b3a09108e57e87 cdb5c9680c5263891a121e164d5dcf5e560c0040 1573981ebb576ead0fc2caccc4f72af67bdbdd019fafd3168b6c79a03424bd9b HTTP Headers GET /desktop/app-061d07e1d2.min.css HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:36 GMT content-type: text/css last-modified: Thu, 16 Jan 2025 11:08:17 GMT vary: Accept-Encoding etag: W/"6788e8a1-2e5df" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240066 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1YA8bAglDnOl625YAoMnwnrF0sYxsD2mnO%2FFYiLCO9ppu8v38D5t461tSRvdfcx92XUEoGUn5tqwOtmog%2F4%2FmEkLa2970gyJ1A7WlTboxuGmqg3iqPsGDzUpsTvYMZqadosp2xGZMA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4018d127131-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1025&min_rtt=455&rtt_var=1156&sent=8&recv=14&lost=0&retrans=0&sent_bytes=3281&recv_bytes=2062&delivery_rate=7970642&cwnd=252&unsent_bytes=0&cid=9bb8ad234c02ed46&ts=88&x=0" X-Firefox-Spdy: h2

	OPTIONS api.icalendars.app/api/v1/firebase/popup	34.90.134.29	204 No Content	0 B
URL OPTIONS HTTP/2 api.icalendars.app/api/v1/firebase/popup IP 34.90.134.29:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerZeroSSL Subjecticalendars.app Fingerprint4F:EF:53:D1:89:56:46:C9:D8:13:0C:2D:77:91:E2:AF:2A:0A:FA:A7 ValidityThu, 05 Dec 2024 00:00:00 GMT - Wed, 05 Mar 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /api/v1/firebase/popup HTTP/1.1 Host: api.icalendars.app User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://charmfling.com/ Origin: https://charmfling.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 204 No Content date: Sun, 19 Jan 2025 06:28:37 GMT cache-control: no-cache, private access-control-allow-origin: * vary: Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods: POST access-control-allow-headers: content-type access-control-max-age: 0 strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET static.charmfling.com/desktop/asyncPageLoad-5fa173d607.min.js	104.21.51.197	200 OK	6.6 kB
URL GET HTTP/3 static.charmfling.com/desktop/asyncPageLoad-5fa173d607.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (6788), with no line terminators Size 6.6 kB (6575 bytes) Hash fd11e3ae3e3372e337e7442300b09e42 c31168d984396602147997513761d2329a75e526 333dae9b98e21b251176d7d694ee5d537420cafc1cab6f05f582e7f8ce9e7fa4 HTTP Headers GET /desktop/asyncPageLoad-5fa173d607.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:17 GMT vary: Accept-Encoding etag: W/"6788e8a1-19af" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2pb5q2Yr6iAvNDFAXCm0nG7IuUTeCpLUMD7k91j9s31g37fEsbbONfMlI6bDEjWesjFsXa95QmPXrkojlYjiZiOGM1N2w3FjAikp8ZRLF5BfM6i1jB4noxisKyJE2m69LzhPZm1KT1A%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4085d2156ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=11257&min_rtt=1486&rtt_var=8306&sent=68&recv=36&lost=0&retrans=0&sent_bytes=40369&recv_bytes=11017&delivery_rate=1449019&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1068&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/nouislider_css-841689641e.min.css	104.21.51.197	200 OK	1.7 kB
URL GET HTTP/3 static.charmfling.com/desktop/nouislider_css-841689641e.min.css IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type ASCII text, with very long lines (1663), with no line terminators Size 1.7 kB (1663 bytes) Hash e2407b495df5672a61bc8d9dc3067c5d b7b185a254a4eb14db42e62cc207e36a1846aa2b b25ba3b7a35bd237a3b43594252977e247f40857d46d409d35ab4f3e20858039 HTTP Headers GET /desktop/nouislider_css-841689641e.min.css HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: text/css last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-67f" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=2,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygXCTVll1BIw0FF5YA4b%2FAtO8Sfz991HFvMijZgINYEwg%2BHvx%2FbevnCpGwY9FAgq4yTf644RZk2FELbFwfBOn1EkC0rS%2BQCnJlJijS5DOt8G8AFdfk%2BI05o2JY90uJkKsyD600v384o%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c40a7def56ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=3961&min_rtt=1431&rtt_var=2912&sent=126&recv=67&lost=0&retrans=0&sent_bytes=83833&recv_bytes=24588&delivery_rate=179550&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1414&x=1", cfExtPri, cfHdrFlush;dur=0

	GET static.charmfling.com/desktop/ProfileCityAction-dd0953a796.min.js	104.21.51.197	200 OK	2.4 kB
URL GET HTTP/3 static.charmfling.com/desktop/ProfileCityAction-dd0953a796.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (2527), with no line terminators Size 2.4 kB (2447 bytes) Hash ffcbc539d3b4fbe4fa398bad7e093e05 c31e5fe4f12dd120497e90358abd795a1360aacd d0896785c0bec903d4cf76875cd1b90bcdfc0189482633db8e6cb21be0063c89 HTTP Headers GET /desktop/ProfileCityAction-dd0953a796.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:38 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 15:44:43 GMT vary: Accept-Encoding etag: W/"6789296b-98f" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 168040 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6CahQaSHzeu8hZSkQdg6KaWrhW17MBNie2HUpSdrS0KUQLqKaMyjzIGrk6FZ0ceW8SA4uWnGEANYYmEb8z%2BucZ38wNZrcQCuWskVNsC%2BDx5lp%2BZqFQiChKaxegNG4gKpBBXdGIj1oes%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c40a5dd756ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=5083&min_rtt=1431&rtt_var=2995&sent=118&recv=62&lost=0&retrans=0&sent_bytes=79081&recv_bytes=22889&delivery_rate=777092&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1388&x=1", cfExtPri, cfHdrFlush;dur=0

	GET charmfling.com/favicon-charmfling-16x16.png	185.106.140.114	200 OK	331 B
URL GET HTTP/2 charmfling.com/favicon-charmfling-16x16.png IP 185.106.140.114:443 ASN #7979 SERVERS-COM Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com FingerprintB0:E2:1C:6E:2B:80:00:D5:55:E3:1C:FB:DD:00:7D:7D:5B:80:CC:B9 ValidityMon, 02 Dec 2024 09:29:18 GMT - Sun, 02 Mar 2025 09:29:17 GMT File type PNG image data, 16 x 16, 8-bit grayscale, non-interlaced Size 331 B (331 bytes) Hash 31a5282500d160dbff9c501f81299b7d 4dbb7f42383ea516a6c84259405d9fd4f51d1e0a fcf0b256b1f538de7da004e80c8837542670c72a331ac707b2f175997538c362 HTTP Headers GET /favicon-charmfling-16x16.png HTTP/1.1 Host: charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; user_id=831400050; is_generated=0; product_id=4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: image/png content-length: 331 last-modified: Thu, 16 Jan 2025 15:44:31 GMT etag: "6789295f-14b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 accept-ranges: bytes strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	GET static.charmfling.com/desktop/mtdscollectemail-3bbfe6fe3c.min.js	104.21.51.197	200 OK	1.6 kB
URL GET HTTP/3 static.charmfling.com/desktop/mtdscollectemail-3bbfe6fe3c.min.js IP 104.21.51.197:443 ASN #13335 CLOUDFLARENET Requested by https://charmfling.com/?p=40350&pe=40350&hash=a45371cfd4390642da79196e8e89a8fe&param=1&plog=40350&rfrdmn=&sr1=89626&sub_id=4358319617&req_cid=23a16a054269feffa6289016bdeaa0fe&user_id=831400050 Certificate IssuerGoogle Trust Services Subjectcharmfling.com Fingerprint56:6D:3A:AC:98:FD:F8:A7:F5:AB:40:5F:24:93:8F:6F:52:E4:EC:26 ValiditySat, 14 Dec 2024 05:02:20 GMT - Fri, 14 Mar 2025 05:58:45 GMT File type JavaScript source, ASCII text, with very long lines (1681), with no line terminators Size 1.6 kB (1623 bytes) Hash 6c65886c4446b4bea7a861dd75c9e824 fd3b378b01f0299c1ba9a1628f9476ba1ad0ce34 154ec61c9cb150409f3c31d110d2cf47b63e49a87437d3637fe483b5cb738d33 HTTP Headers GET /desktop/mtdscollectemail-3bbfe6fe3c.min.js HTTP/1.1 Host: static.charmfling.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://charmfling.com DNT: 1 Connection: keep-alive Referer: https://charmfling.com/ Cookie: PHPSESSID=2k7tp1tsbm51rbigcf79fq5078; adwpl=%7B%22sub_id%22%3A%2289626%22%2C%22sub2%22%3A%22%22%7D; p_param=1; p_params=%3Fparam%3D1%26hash%3Da45371cfd4390642da79196e8e89a8fe%26p%3D40350%26adwpl%3D89626%26cid%3D678c9b935f5bebd399b7c903%26camp%3D6630e85dd29e0500013b25f7; partner_id=40350; first-session=1; pauth=Njc4YzliOTQxZjQyNEBhdXRvLmxvZ2luOjBiNzgxOWQyZDZmNGNiY2NlNjM2MjdhNmJiOGUxMjk1; just_tracked=1; modal-hash={"p":"40350","pe":"40350","hash":"a45371cfd4390642da79196e8e89a8fe","param":"1","plog":"40350","rfrdmn":"","sr1":"89626","sub_id":"4358319617","req_cid":"23a16a054269feffa6289016bdeaa0fe","user_id":"831400050"} Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sun, 19 Jan 2025 06:28:37 GMT content-type: application/javascript last-modified: Thu, 16 Jan 2025 11:08:39 GMT vary: Accept-Encoding etag: W/"6788e8b7-657" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: https://charmfling.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With content-encoding: gzip strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 240067 priority: u=3,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jMXJ6AYBNLjS17tPir32Bi6u8umUXQxG6IGfJ9LBH8zKoOrp6ycHSTX9JaUl2%2FZsL5t28wnfgTb4S0NMMuoAs1s%2FlsR4XyBM7sKtaCvfudJWskyRWefcsNzHQteQ2XQ0ANZc7fHuf%2Fo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 9044c4094d6856ca-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=7796&min_rtt=1431&rtt_var=5460&sent=85&recv=46&lost=0&retrans=0&sent_bytes=53722&recv_bytes=14168&delivery_rate=518908&cwnd=12000&unsent_bytes=0&cid=8b49ac974b7a751b&ts=1236&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (46)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL