urlquery - report: dateexotic.com/agEA?usid=168bbcj13bafj&email=rzacarias@slurpmail.net&sub1=clear

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
www2.dateexotic.com (1)	0	2022-11-09 12:59:30 UTC	2022-11-26 09:17:44 UTC	172.67.159.164	Unknown ranking
app.api-push.com (2)	307671	2021-12-06 12:20:56 UTC	2022-11-26 07:22:03 UTC	172.64.138.29
e1.o.lencr.org (2)	6159	No data	No data	23.36.76.226
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	54.191.251.76
accounts.google.com (2)	81	2016-09-05 09:39:47 UTC	2022-11-26 07:02:40 UTC	216.58.207.237
pornhub.com (1)	4903	2012-05-22 01:01:29 UTC	2022-11-26 06:40:09 UTC	66.254.114.41
r3.o.lencr.org (10)	344	No data	No data	23.36.77.32
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-26 05:33:20 UTC	34.102.187.140
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
o65532.ingest.sentry.io (1)	747982	2022-06-02 01:41:52 UTC	2022-11-26 07:22:03 UTC	34.120.195.249
www.pornhubpremium.com (2)	142013	2014-02-24 07:26:05 UTC	2020-04-11 12:46:17 UTC	66.254.114.33
cdnjam.com (1)	204001	2021-02-18 07:53:51 UTC	2022-11-26 07:22:02 UTC	104.21.58.242
ajax.googleapis.com (1)	12905	2013-08-16 09:51:31 UTC	2022-11-26 11:14:44 UTC	172.217.21.170
browser.sentry-cdn.com (1)	4393	2018-07-13 11:42:06 UTC	2022-11-26 06:39:28 UTC	151.101.66.217
fonts.googleapis.com (2)	8877	2013-06-10 20:14:26 UTC	2022-11-26 07:22:52 UTC	142.250.74.10
her-cupid.com (24)	698724	2021-08-09 12:54:36 UTC	2022-11-26 07:21:55 UTC	54.39.22.228
www.facebook.com (1)	99	2012-05-21 00:23:41 UTC	2021-06-08 06:38:51 UTC	31.13.72.36
ocsp.digicert.com (7)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
alexatracker.com (1)	0	2020-10-28 18:44:06 UTC	2022-11-26 06:08:43 UTC	172.67.204.112	Unknown ranking
www.pornhub.com (1)	10781	2012-05-21 06:55:53 UTC	2020-05-05 12:49:23 UTC	66.254.114.41
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-26 05:33:16 UTC	34.117.237.239
ocsp.pki.goog (13)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.3
fonts.gstatic.com (2)	0	2014-09-09 00:40:21 UTC	2022-11-26 10:10:14 UTC	216.58.207.195	Domain (gstatic.com) ranked at: 540
www.xvideos.com (1)	11464	2012-05-21 18:29:12 UTC	2020-03-18 14:38:47 UTC	185.88.181.6
ocsp.sectigo.com (1)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	104.18.32.68
dateexotic.com (3)	0	2020-10-21 10:51:18 UTC	2022-11-26 06:06:47 UTC	104.21.34.109	Unknown ranking

Scan Date	Severity	Indicator	Comment
2022-11-26	2	dateexotic.com/static/js/build/bd.js	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-1.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-2.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-3.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-4.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-5.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-7.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-8.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-9.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-10.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-4.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-1.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-2.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-3.webp	Phishing
2022-11-26	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-center-bottom-ql.webp	Phishing
2022-11-26	2	her-cupid.com/stats	Phishing
2022-11-26	2	her-cupid.com/stats	Phishing
2022-11-26	2	her-cupid.com/stats	Phishing
2022-11-26	2	her-cupid.com/stats	Phishing

Date	UQ / IDS / BL	URL	IP
2023-01-31 11:04:43 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2phgvpv1csk2i&email= (...)	172.67.159.164
2023-01-31 08:08:53 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2p9471t1crtqn&email= (...)	172.67.159.164
2023-01-25 05:46:59 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2ph056j1b5lnr&email= (...)	172.67.159.164
2023-01-22 17:57:37 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2p9471t1bk9i0&email= (...)	172.67.159.164
2023-01-21 10:56:18 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2rtplj01bavpv&email= (...)	172.67.159.164

Date	UQ / IDS / BL	URL	IP
2023-02-03 12:39:24 +0000	0 - 1 - 0	www.nrscotland.gov.uk/files/statistics/covid1 (...)	188.114.97.1
2023-02-03 12:39:23 +0000	0 - 1 - 0	www.nrscotland.gov.uk/files/statistics/covid1 (...)	188.114.97.1
2023-02-03 12:39:23 +0000	0 - 1 - 0	www.nrscotland.gov.uk/files/statistics/covid1 (...)	188.114.97.1
2023-02-03 12:39:20 +0000	0 - 1 - 0	www.nrscotland.gov.uk/files/statistics/covid1 (...)	188.114.97.1
2023-02-03 12:38:41 +0000	0 - 2 - 5	fuelflare.cn/Khaadi-v2/tb.php?zj=lc1675426255709	104.21.30.156

Date	UQ / IDS / BL	URL	IP
2023-01-31 11:04:43 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2phgvpv1csk2i&email= (...)	172.67.159.164
2023-01-31 08:08:53 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2p9471t1crtqn&email= (...)	172.67.159.164
2023-01-28 13:15:38 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=sr2f6b1ch1ln&email=s (...)	104.21.34.109
2023-01-25 05:46:59 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2ph056j1b5lnr&email= (...)	172.67.159.164
2023-01-23 06:31:47 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=3qd0rml1bnbp8&email= (...)	104.21.34.109

Date	UQ / IDS / BL	URL	IP
2023-01-18 09:18:27 +0000	0 - 0 - 19	dateexotic.com/agEA?usid=2g5b9gk1aoifa&email= (...)	172.67.159.164
2023-01-14 05:49:20 +0000	0 - 10 - 18	urorwie.tk/blastosphere/damn/3477722713/scrup (...)	46.150.16.67
2023-01-08 06:38:37 +0000	0 - 0 - 18	dateexotic.com/agEA?usid=168bbcj17hv53&email= (...)	104.21.34.109
2023-01-06 12:53:52 +0000	0 - 1 - 18	ulkp19v4t06zxuctest3.tiomutazava.cf/TSKtBH6B? (...)	146.190.75.35
2022-12-25 06:52:31 +0000	0 - 3 - 19	uuxy2hatest3.siechalkti.tk/TSKtBH6B?keyword=t (...)	146.190.75.35

Request	Response
GET /agEA?usid=168bbcj13bafj&email=rzacarias@slurpmail.net&sub1=clear_main&prid=168bbcj13bafj HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: dateexotic.com/agEA?usid=168bbcj13bafj&email=rzacarias@ (...) FQDN: dateexotic.com IP: 104.21.34.109 HASH: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0 104.21.34.109 HTTP/1.1 200 OK Content-Type: text/html Date: Sat, 26 Nov 2022 13:47:22 GMT Transfer-Encoding: chunked Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TW17b5R5%2BEPczS4LYg57tIxA1f4T7LV9KXkjmnE0U0Qpxh%2BsxwURe6l6xzwKdU8aZgJUbHS3A3sbGJyT3grs1ge1V0cUkc0MYFflwgwknlripgYTfmmcgKK%2FqmyFj5UFWQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 77031356f912b51e-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 907 Md5: f644572248ce42c31779d65845c95277 Sha1: 6963b52cff901ae5ce3eb250820dcaef46cc9388 Sha256: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11996 Expires: Sat, 26 Nov 2022 17:07:18 GMT Date: Sat, 26 Nov 2022 13:47:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a9f1d4d98705c281fed3b60343463200 Sha1: db6f8aa98d2eda4e5473b116a222c3055568bb78 Sha256: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5123 Cache-Control: max-age=166149 Date: Sat, 26 Nov 2022 13:47:22 GMT Etag: "6381eaec-1d7" Expires: Mon, 28 Nov 2022 11:56:31 GMT Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 15b59d5e62caedb4bec3ba6724906c1e Sha1: 960f801e608a56fdd11449f4face29f62cad2b21 Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6195 Expires: Sat, 26 Nov 2022 15:30:37 GMT Date: Sat, 26 Nov 2022 13:47:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 71f9c681a82440fd55e76c780a20e55d Sha1: 3147768cfbcdd06e0c6e69684292e68e99917a80 Sha256: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 26 Nov 2022 13:19:13 GMT cache-control: public,max-age=3600 age: 1689 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: d130218d0e2841f39c99610fe1a2ab90 Sha1: 29fbe1e177ee55c7a61ae0a206afff271cf5f945 Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: IsuMCXYDS/V8a5n2p+J8OgTPT+fyjGZTsofzwikDYVhpHO5t7ZG8o0f+NH2ocrmNbsuYcAfRq70= x-amz-request-id: N6YJ5FEYJY3VQS2K content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 26 Nov 2022 13:44:15 GMT age: 187 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /static/js/build/bd.js HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=168bbcj13bafj&email=rzacarias@slurpmail.net&sub1=clear_main&prid=168bbcj13bafj	URL: dateexotic.com/static/js/build/bd.js FQDN: dateexotic.com IP: 104.21.34.109 HASH: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b 104.21.34.109 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Date: Sat, 26 Nov 2022 13:47:22 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Ray: 770313595c15b51e-OSL Age: 135546 ETag: W/"static/js/build/bd.3ad9d77bdd.js" Vary: Accept-Encoding CF-Cache-Status: HIT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZHQySCz5kTvODbNsGfaxbBYbEOJjW6T0ff7rGMe%2FenDHMxByslZaJtSSfDehzBJ8mvx2e7xthhw5wqsuUHxeehwZv%2FFTTHUD0oY0IsdtsQX63fDAjwBDFG%2BUCwUwS5Ivg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (8033) Size: 3571 Md5: 896fa747a8832e6a6ac72bbbcfc917f6 Sha1: 67dc40632c900a9f84280f0898b308b8a6b3e3a5 Sha256: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b Alerts: Blocklists: - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 26 Nov 2022 13:47:22 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "B6CB9BD85D499F398EB8392491BA52D8916DF9586DC82B00566229D193B47E6C" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9937 Expires: Sat, 26 Nov 2022 16:32:59 GMT Date: Sat, 26 Nov 2022 13:47:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 1ff100f14aadb35808b403a3fbca8bc7 Sha1: 92feaf32494b1f822aab27cbb79812abb8500634 Sha256: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c
GET /favicon.ico HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=168bbcj13bafj&email=rzacarias@slurpmail.net&sub1=clear_main&prid=168bbcj13bafj	URL: dateexotic.com/favicon.ico FQDN: dateexotic.com IP: 104.21.34.109 HASH: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4 104.21.34.109 HTTP/1.1 200 OK Content-Type: image/gif Date: Sat, 26 Nov 2022 13:47:22 GMT Content-Length: 47 Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=em5ZJcQb%2Ffv9SibsHrTXYGY35NrBnJr04I0RJTSd0nHq07FRTecLGDg8PUxqCXxteHHlgQnMKGYDVOrnKHrG4Ig4eYu%2B5oQVjbY8Mszb%2BurIsPwbdQ%2FwaAJbcUdKlg2a4A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7703135ace0db51e-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 47 Md5: 2f3ca1d38e8b18ef00c4a0eff0889cfc Sha1: 2f28ed1ccf7c08cf22491757fe20385249db162e Sha256: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 26 Nov 2022 13:11:12 GMT cache-control: public,max-age=3600 age: 2170 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5212 Cache-Control: max-age=161180 Date: Sat, 26 Nov 2022 13:47:23 GMT Etag: "6381d72b-1d7" Expires: Mon, 28 Nov 2022 10:33:43 GMT Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: d3df71aab146eefc49acb608796aab63 Sha1: 8401892995193919376dfcd798b09c8261579454 Sha256: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "B6CB9BD85D499F398EB8392491BA52D8916DF9586DC82B00566229D193B47E6C" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9936 Expires: Sat, 26 Nov 2022 16:32:59 GMT Date: Sat, 26 Nov 2022 13:47:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 1ff100f14aadb35808b403a3fbca8bc7 Sha1: 92feaf32494b1f822aab27cbb79812abb8500634 Sha256: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: c7f056a2e8f3c2cd089a185a457f92794ab66e603c3565dfc9999a5dd58fe812 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:23 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 7bf3638d23acb01907c531a6630a4493 Sha1: e7f8c2bf2de297420ce8a1c826c64aaf00917d2f Sha256: c7f056a2e8f3c2cd089a185a457f92794ab66e603c3565dfc9999a5dd58fe812
GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xNjhiYmNqMTNiYWZqJmVtYWlsPXJ6YWNhcmlhcyU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9MTY4YmJjajEzYmFmaiZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=ea52a814113313be20e34cb7ed9c1d3a HTTP/1.1 Host: alexatracker.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29 (...) FQDN: alexatracker.com IP: 172.67.204.112 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.67.204.112 HTTP/2 301 Moved Permanently date: Sat, 26 Nov 2022 13:47:23 GMT content-length: 0 location: https://www2.dateexotic.com/agEA?usid=168bbcj13bafj&email=rzacarias%40slurpmail.net&sub1=clear_main&prid=168bbcj13bafj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=9080226559574546667&c=503965751 set-cookie: trbarid=9080226559574546667;expires=Mon, 25 Nov 2024 13:47:23 GMT;secure;HttpOnly;SameSite=None;path=/ report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6xROd7azsELgPu5AWgkPlVNgOkFWKRYaPScRo%2FjSLMCOJ1BMdO6BARicK30lWTn0Zf8xaPE7tHBN6TccfWtRV0u0GCDKB63K4YlqpS1ETHoRRS0vlLdGOHYpG33u6W78B6T"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7703135e6c69b518-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: c7f056a2e8f3c2cd089a185a457f92794ab66e603c3565dfc9999a5dd58fe812 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:23 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 7bf3638d23acb01907c531a6630a4493 Sha1: e7f8c2bf2de297420ce8a1c826c64aaf00917d2f Sha256: c7f056a2e8f3c2cd089a185a457f92794ab66e603c3565dfc9999a5dd58fe812
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: rjqtLdkUCCk9Q1veRtTAEQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.191.251.76 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.191.251.76 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: kcsbfT/47U9BJdXE36oqkxe1Cy8= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: e2e6f1b7b76c3f604b2a75009ae7f391584ac0f784b60988aa2073be392ea49f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E2E6F1B7B76C3F604B2A75009AE7F391584AC0F784B60988AA2073BE392EA49F" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6925 Expires: Sat, 26 Nov 2022 15:42:49 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 62a4328dbc9b7bbd72af4eef2d31b2d5 Sha1: ab7e74f30923409dd30fae46aa8e6eab18919590 Sha256: e2e6f1b7b76c3f604b2a75009ae7f391584ac0f784b60988aa2073be392ea49f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 558cfc5bc388eddc7aa8c672355f98b92ba4674019471059de80533b53444ec4 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3667 Cache-Control: max-age=89781 Date: Sat, 26 Nov 2022 13:47:24 GMT Etag: "6380c64e-116" Expires: Sun, 27 Nov 2022 14:43:45 GMT Last-Modified: Fri, 25 Nov 2022 13:42:38 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: e83533519b59a0575bc36a368e8ae3f0 Sha1: ba48ddbcb69efb7d3c8b43917ce3f3c01587da69 Sha256: 558cfc5bc388eddc7aa8c672355f98b92ba4674019471059de80533b53444ec4
GET /agEA?usid=168bbcj13bafj&email=rzacarias%40slurpmail.net&sub1=clear_main&prid=168bbcj13bafj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1 Host: www2.dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://dateexotic.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www2.dateexotic.com/agEA?usid=168bbcj13bafj&email=rzaca (...) FQDN: www2.dateexotic.com IP: 172.67.159.164 HASH: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d 172.67.159.164 HTTP/2 302 Found content-type: text/html; charset=UTF-8 date: Sat, 26 Nov 2022 13:47:23 GMT location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xNjhiYmNqMTNiYWZqJmVtYWlsPXJ6YWNhcmlhcyU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9MTY4YmJjajEzYmFmaiZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=ea52a814113313be20e34cb7ed9c1d3a access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BExTbtNyw0QFW%2BdWxmWKRlyMwHl9iuB41tRFbDzK%2BUh6CxAiVzC2RWKbVT80TcyYKM%2BPt5Fj5pvCLu4hhxsc7LtLXFii0KywgJ4iuL8dasL%2BWHWKC0dJFgr42ddHdIi01a0IR4A"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7703135a6df7b4ff-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 1021 Md5: 3b07f6f3625abf8ad4dafd7b821ad69e Sha1: 304bbec923fc251222f5d8bf87ff13244ac12201 Sha256: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 558cfc5bc388eddc7aa8c672355f98b92ba4674019471059de80533b53444ec4 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3667 Cache-Control: max-age=89781 Date: Sat, 26 Nov 2022 13:47:24 GMT Etag: "6380c64e-116" Expires: Sun, 27 Nov 2022 14:43:45 GMT Last-Modified: Fri, 25 Nov 2022 13:42:38 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: e83533519b59a0575bc36a368e8ae3f0 Sha1: ba48ddbcb69efb7d3c8b43917ce3f3c01587da69 Sha256: 558cfc5bc388eddc7aa8c672355f98b92ba4674019471059de80533b53444ec4
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js FQDN: ajax.googleapis.com IP: 172.217.21.170 HASH: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f 172.217.21.170 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31021 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 25 Nov 2022 08:46:23 GMT expires: Sat, 25 Nov 2023 08:46:23 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 104461 last-modified: Fri, 08 May 2020 07:05:03 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 31021 Md5: 903bc7a7e510f87aa5d0201eb59a0832 Sha1: ac9aa4dd94cde1bcba9037e94087138b127e41fc Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
GET /7.21.1/bundle.es5.min.js HTTP/1.1 Host: browser.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: browser.sentry-cdn.com/7.21.1/bundle.es5.min.js FQDN: browser.sentry-cdn.com IP: 151.101.66.217 HASH: 3721238a0def27bd8523c1d7e917f469ccf2e5a8d4361755d2e02be616981050 151.101.66.217 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 cache-control: public, max-age=31536000 expires: Thu, 23 Nov 2023 17:02:22 GMT last-modified: Wed, 23 Nov 2022 11:53:26 GMT etag: "66704d64b742c25f1edefdf90adf3f2f" content-encoding: gzip accept-ranges: bytes date: Sat, 26 Nov 2022 13:47:24 GMT age: 247502 vary: Accept-Encoding access-control-allow-origin: * server: Fastly strict-transport-security: max-age=31536000; includeSubDomains content-length: 20162 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (62012) Size: 20162 Md5: 66704d64b742c25f1edefdf90adf3f2f Sha1: 5f54e6f7e7e066f91aa129fa2a877618916aacb1 Sha256: 3721238a0def27bd8523c1d7e917f469ccf2e5a8d4361755d2e02be616981050
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14810 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14810 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14810 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14810 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14810 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 15818 x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLXrUF3bIAMF8CA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 22:17:55 GMT age: 55769 etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15818 Md5: 17ebe470d040a6ea8c57e9b9d4f4e828 Sha1: 1ac7a410cd4f3709f476c776dd5646dd982dcfa8 Sha256: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 9a714c1d65b8266da215aae616a3a4b4b1999c1f44a5015a49d33bb2e2576bcc 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A714C1D65B8266DA215AAE616A3A4B4B1999C1F44A5015A49D33BB2E2576BCC" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3839 Expires: Sat, 26 Nov 2022 14:51:23 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: e06a8dc90630612579b6720d2a6d530a Sha1: f83ff0f2d1925d7757f9afd075311eef7d07179a Sha256: 9a714c1d65b8266da215aae616a3a4b4b1999c1f44a5015a49d33bb2e2576bcc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9914 x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLVVFHQYIAMFc4Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: qKxrYxVsJWOXAbrn6IpwLycF3rknFLkQeDyKOLq5WyflvTLeUjg_Lg== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 22:18:42 GMT age: 55722 etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9914 Md5: 3b1c6878914466cfece680fa7cb73502 Sha1: 47fac81a2dd809df5c42ca1362f71d553572d2b1 Sha256: 6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3502 x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCvYUHO5IAMFqDA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 03:55:38 GMT age: 35506 etag: "61f9bed607e81606be78285596acdc5e0e4f4994" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3502 Md5: a783df85f30f9c555f9df6b99f61744d Sha1: 61f9bed607e81606be78285596acdc5e0e4f4994 Sha256: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6789 x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLWWYFFgoAMFhaQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:46:06 GMT age: 57678 etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6789 Md5: 926df9839ec3d924b563b55d8bccace8 Sha1: c47a3884465fc02b5c57faa5ffbd986ba29c64c2 Sha256: a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9049 x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLVVGHzKoAMFSuA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:48:40 GMT age: 57524 etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9049 Md5: c8dc4b8a7e9f7f4f84f0da568b43392b Sha1: 3d32bff85cb7ec118c4496d0c3802829fdc9af3b Sha256: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8277 x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cIB-KFtmIAMF00Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: O4PtH20kVWgH-Jf_TivPqMqjnwrZB_8XvZAkDDzLLFPXVjqzkz1YJw== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:40:50 GMT age: 57994 etag: "6a8504212141af411a18ce58960c8bb52e8116ac" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8277 Md5: f59a591b222397ff0f01c22a0786e660 Sha1: 6a8504212141af411a18ce58960c8bb52e8116ac Sha256: 624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm45 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30928 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 16:40:18 GMT expires: Fri, 24 Nov 2023 16:40:18 GMT cache-control: public, max-age=31536000 age: 162426 last-modified: Mon, 11 Jul 2022 18:57:39 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Size: 30928 Md5: ac0d2859ea5f8fd6bcb3c305c08ec184 Sha1: 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 10172 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 21:20:46 GMT expires: Fri, 24 Nov 2023 21:20:46 GMT cache-control: public, max-age=31536000 age: 145598 last-modified: Mon, 18 Jul 2022 19:23:34 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data Size: 10172 Md5: 58e5c92fd1a1fc89b8ca6d74ce4793b8 Sha1: 337771c465778aeed6de18195e0cbe9d9098d299 Sha256: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1 HTTP/1.1 Host: o65532.ingest.sentry.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://her-cupid.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://her-cupid.com Content-Length: 426 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: o65532.ingest.sentry.io/api/6161109/envelope/?sentry_ke (...) FQDN: o65532.ingest.sentry.io IP: 34.120.195.249 HASH: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a 34.120.195.249 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 2 access-control-allow-origin: https://her-cupid.com access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after vary: Origin x-envoy-upstream-service-time: 0 strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 2 Md5: 99914b932bd37a50b983c5e7c90ae93b Sha1: bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
OPTIONS /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.64.138.29 HTTP/2 204 No Content date: Sat, 26 Nov 2022 13:47:24 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: content-type strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cl8dY7YzkhOSPRJ6i6WqXU%2BaBx%2BL%2Bb%2Fcw8G%2BxwHnN%2FLWkJSXWUM8JgvbT8TjMew3wXbavY25BvNBxSIt%2Bloep%2BVKAIUgE%2BxCUA2AsOUdoRWZyJAncavVWwVGNTL9IN6KTj%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7703136738e476fc-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 9a714c1d65b8266da215aae616a3a4b4b1999c1f44a5015a49d33bb2e2576bcc 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A714C1D65B8266DA215AAE616A3A4B4B1999C1F44A5015A49D33BB2E2576BCC" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3839 Expires: Sat, 26 Nov 2022 14:51:23 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: e06a8dc90630612579b6720d2a6d530a Sha1: f83ff0f2d1925d7757f9afd075311eef7d07179a Sha256: 9a714c1d65b8266da215aae616a3a4b4b1999c1f44a5015a49d33bb2e2576bcc
GET /static/AwAA/images/en/pics-for-bg/pic-1.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-1.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: f35ed3356d652ea6a4a3a437d7b4d00cdfa5a766a2cc34ea994f4c814e754a6c 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 29802 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-746a" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29802 Md5: 89bed1df07d0561082775600a7b4dffc Sha1: c1456d2202279838618660a9405f480af3042b7d Sha256: f35ed3356d652ea6a4a3a437d7b4d00cdfa5a766a2cc34ea994f4c814e754a6c Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-2.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-2.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 63008d1cf81485851d5d2136644923f9a778fcf2a4e874e5ea718fc426a02fbc 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 29526 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7356" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29526 Md5: 7a14d6654f06cf115f1bfa361b6133f4 Sha1: be7c7984440b7fca15a2dba45e9727f83c7ed5a7 Sha256: 63008d1cf81485851d5d2136644923f9a778fcf2a4e874e5ea718fc426a02fbc Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-3.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-3.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 6bdae8b55844e8ca25ad6422da39ac01f362f3ffb3bb9c8b020cfaf0b146169e 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 31946 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7cca" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 31946 Md5: 0a776348771c52ebdedbae6aec1a21bb Sha1: 6b2d5183853987c743ae74bbb8d1977e91e58542 Sha256: 6bdae8b55844e8ca25ad6422da39ac01f362f3ffb3bb9c8b020cfaf0b146169e Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-4.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-4.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: dc893e9b7abe8a4ab2cfeb8924f833fcb43a16f560e1793e8fdb906e9a6aefbb 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 31114 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-798a" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 31114 Md5: 8ff3901573b3b7571c19f57460bd64ab Sha1: ab0478e05e29ceca93cce58fcc9e628287899fe9 Sha256: dc893e9b7abe8a4ab2cfeb8924f833fcb43a16f560e1793e8fdb906e9a6aefbb Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-5.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-5.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 47aedcc05f343844b3db56c484fb5c2821d3fa4985a405ac86febe1604f6d1e5 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 29010 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7152" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29010 Md5: d0be4db567029a82f6b2abb8a598047f Sha1: 54fc8433892867b4f1b04010fda6432bfc8dc672 Sha256: 47aedcc05f343844b3db56c484fb5c2821d3fa4985a405ac86febe1604f6d1e5 Alerts: Blocklists: - fortinet: Phishing
GET /AwAA/10040/oth?i=ezIF72OCGOs&u=9080226559574546667 HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: her-cupid.com/AwAA/10040/oth?i=ezIF72OCGOs&u=9080226559 (...) FQDN: her-cupid.com IP: 54.39.22.228 HASH: 44b6102b58bbdfc4c76ad58693d1ccd097738752eaef05854984a40a91c44b82 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT access-control-allow-origin: * x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 37770 Md5: 962d7676cbfd9526ad84b916566e10fc Sha1: f1b1a9450afb0e2f7ba9e469c2be6f0d53cd7a9e Sha256: 44b6102b58bbdfc4c76ad58693d1ccd097738752eaef05854984a40a91c44b82
GET /static/AwAA/images/en/pics-for-bg/pic-7.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-7.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 43fc687f4ff9435f336a4c020dd653830c82c07a827b0cc78faae5be2076080d 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 20464 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-4ff0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 20464 Md5: 531177239b443129aa3c4a7df46587a0 Sha1: d10b5d62feac76a5023a60b1e858c152985ac781 Sha256: 43fc687f4ff9435f336a4c020dd653830c82c07a827b0cc78faae5be2076080d Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-8.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-8.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: fd71ee9e633f59c1218eb20e865121e1d0c51d31dfbe04d210ff54c2a5528ce3 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 32216 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7dd8" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 32216 Md5: ed47b38a109df684d6f47d847baba3ce Sha1: 42804d2a2f18ea6899033cb513ae25e2412be1da Sha256: fd71ee9e633f59c1218eb20e865121e1d0c51d31dfbe04d210ff54c2a5528ce3 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/3-1.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/3-1.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 480 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-1e0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 480 Md5: 37ad09484eb1a7e103c1bba69ec3408d Sha1: 950c14767d959c154d2ba2ceaa7867b8809731e5 Sha256: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2
GET /static/AwAA/3-2.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/3-2.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 535 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-217" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 535 Md5: 7621845db78d7540608060c63a721252 Sha1: b24bca5f9e3ca0daf6f0f4822d66febc5c65d169 Sha256: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1
GET /static/AwAA/images/en/pics-for-bg/pic-9.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-9.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 411c4615e4d3d050066ef0ae6ef6e69e7702bc02c0c4e267b26076a47ffd14b2 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 49118 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-bfde" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 49118 Md5: 3d3e96d7abdf026fe492e7937f2a59cc Sha1: 890ba98493246b4ced8317ffb371e95596e630ce Sha256: 411c4615e4d3d050066ef0ae6ef6e69e7702bc02c0c4e267b26076a47ffd14b2 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-10.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-10.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 70894006834d4a2a1dcb6029cd29e86f14b9a7e03e8017304669ebd3d3bfec62 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 21094 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-5266" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 21094 Md5: b914513208055760188667de39db6716 Sha1: 04ae5f3be7a1c7bea6dd09cce098ee9edef554cb Sha256: 70894006834d4a2a1dcb6029cd29e86f14b9a7e03e8017304669ebd3d3bfec62 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6405 Cache-Control: max-age=148697 Date: Sat, 26 Nov 2022 13:47:25 GMT Etag: "6381a1c1-1d7" Expires: Mon, 28 Nov 2022 07:05:42 GMT Last-Modified: Sat, 26 Nov 2022 05:18:57 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 407ca8387c360d434a53812c03688310 Sha1: 90e74fa4928adcf8ae410f2eea7956b6ae7f687b Sha256: 5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e922b25acaba2d7f8921ebe973a4b261 Sha1: 5dd4c237c84a652cbcf3db163529f3788ceafc46 Sha256: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
GET /css?family=Montserrat:100,400,700,900 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Montserrat:100,400,700,900 FQDN: fonts.googleapis.com IP: 142.250.74.10 HASH: 7eb1f4c8f00faa04a7a7c1eaf78d82276f92b3799beb859ab089edc117e6eb3a 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 26 Nov 2022 13:47:24 GMT date: Sat, 26 Nov 2022 13:47:24 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 912 Md5: d877ff06633024be8709e94349b4a968 Sha1: 6751a96c4c951cfa5212dfce48809eb39198b5cc Sha256: 7eb1f4c8f00faa04a7a7c1eaf78d82276f92b3799beb859ab089edc117e6eb3a
GET /v14.0/plugins/like.php HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.facebook.com/v14.0/plugins/like.php FQDN: www.facebook.com IP: 31.13.72.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 31.13.72.36 HTTP/2 200 OK content-type: text/html;charset=utf-8 pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} cross-origin-opener-policy: same-origin-allow-popups x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: S+6Z9UaaDZzuAdpmB9wuSFs6dHydqUiGRxHUBQy0Ga522/gtCznnKaSPg+0Yf7Y6RmsumHWWB9JdxfqYR8wScQ== content-length: 0 date: Sat, 26 Nov 2022 13:47:25 GMT priority: u=3,i alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e922b25acaba2d7f8921ebe973a4b261 Sha1: 5dd4c237c84a652cbcf3db163529f3788ceafc46 Sha256: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6003 Cache-Control: max-age=148295 Date: Sat, 26 Nov 2022 13:47:25 GMT Etag: "6381a1c1-1d7" Expires: Mon, 28 Nov 2022 06:59:00 GMT Last-Modified: Sat, 26 Nov 2022 05:18:57 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 407ca8387c360d434a53812c03688310 Sha1: 90e74fa4928adcf8ae410f2eea7956b6ae7f687b Sha256: 5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 60e7c3efee2b4d2fb45d7ddeaee81b3dcd379b3cad9774f51402f09e1dcf9cfc 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:26 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: e99fcdc3ed7523948d56cbe1c943fcf3 Sha1: 4b8a3c27fa51771c288a392441d678321d7a3717 Sha256: 60e7c3efee2b4d2fb45d7ddeaee81b3dcd379b3cad9774f51402f09e1dcf9cfc
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: accounts.google.com/ServiceLogin?continue=https://lh3.g (...) FQDN: accounts.google.com IP: 216.58.207.237 HASH: 31cf5815e73e7791c9f82081a613bd3c0779caac526ae262ad8a8691e586562c 216.58.207.237 HTTP/2 302 Found content-type: text/html; charset=UTF-8 x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sat, 26 Nov 2022 13:47:26 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S-1023299879%3A1669470446032235&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAt4VUpH2NemlMz9T-ng0Iyzhs40QtYKQ5AVZpZisgWKFWe0_C6pgKRfeMr6QZuNLfYrQ36H strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: script-src 'nonce-hL7w_2sgntiSEWW52p85zQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 410 server: GSE set-cookie: __Host-GAPS=1:fTBsaJ_qFB2gJqU0SqVSrYNsoRrzlg:1JNAHaCn5yxHV42w;Path=/;Expires=Mon, 25-Nov-2024 13:47:26 GMT;Secure;HttpOnly;Priority=HIGH alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385) Size: 410 Md5: 7a3e8096dc8b8cfd04ea27d980b29215 Sha1: 476b74498ef8a4499a4a63c0059af0c5795dd03b Sha256: 31cf5815e73e7791c9f82081a613bd3c0779caac526ae262ad8a8691e586562c
GET /static/AwAA/favicon-150x150.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/favicon-150x150.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 97a873b3ce2ab69cc38287181a190dcd90c09869c0901b5d75e8461f628bef78 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:25 GMT content-length: 7017 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-1b69" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Size: 7017 Md5: f19d6f44b496c9dedce8b96bd0f5f829 Sha1: c887ac358a0c8d6979f8b67013954aa8cf4ab1c8 Sha256: 97a873b3ce2ab69cc38287181a190dcd90c09869c0901b5d75e8461f628bef78
GET /static/AwAA/favicon-16x16.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/favicon-16x16.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:25 GMT content-length: 1264 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-4f0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 1264 Md5: fa61744c0140328a533d26bc93753134 Sha1: ea2b1d32e78280d8207a32aa6214263db134123e Sha256: 2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97
GET /static/AwAA/images/en/pics-for-bg/gif-4.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-4.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: a78e89556b22804599224527cfe8273a6edbe84d3458e9fb582079addf86011b 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 1637252 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-18fb84" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1637252 Md5: 10d4826a92e3fc1e4dbbf0be274bc061 Sha1: 9f4c667c8d1000c30789dc1f9b837803096b5b4f Sha256: a78e89556b22804599224527cfe8273a6edbe84d3458e9fb582079addf86011b Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-1.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-1.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 085be44516153804017cb6d998e5b39372a7caa480593c80f97c2c24dfab3de8 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 1270992 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-1364d0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1270992 Md5: 6e76e71ebf7277bce1079af604723e23 Sha1: c8fcbea450f77451ce8a6709c54c979e70507ca1 Sha256: 085be44516153804017cb6d998e5b39372a7caa480593c80f97c2c24dfab3de8 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-2.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-2.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: f8e38aed3d19c1771bafe0bab8e336732fcf527dae61034e4c25c66251a170ea 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 2464052 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-259934" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 2464052 Md5: 5ea931f6f8f26a124460551efe002ac4 Sha1: 36e800547ef0feaa5d7a7ac69e5a24b66c81f907 Sha256: f8e38aed3d19c1771bafe0bab8e336732fcf527dae61034e4c25c66251a170ea Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-3.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-3.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 12a310bfa2100acb12ae355b75594e42bed1e75d693778c26f1842ba5a26da04 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 1640424 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-1907e8" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1640424 Md5: c2c8cf2a99d71b95804d661f795b5ce9 Sha1: 5ca43250f3c7bc1a67295381f430df71bffa3a6f Sha256: 12a310bfa2100acb12ae355b75594e42bed1e75d693778c26f1842ba5a26da04 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-center-bottom-ql.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-cen (...) FQDN: her-cupid.com IP: 54.39.22.228 HASH: d977d9f29ccba9faae1ffea2dd6b1fa30a8194abe92cec1a4c2fee8dbca18e13 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 1031120 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-fbbd0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1031120 Md5: ed3e40b68948820502bbf1716eae56b2 Sha1: 50ae8497f4d8bea52c4cb2c0177bc5be25c8b263 Sha256: d977d9f29ccba9faae1ffea2dd6b1fa30a8194abe92cec1a4c2fee8dbca18e13 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 728f4654e1badc144b372da0c0702d5df3a144294c911044cdb5b4422d35ecab 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5334 Cache-Control: max-age=113058 Date: Sat, 26 Nov 2022 13:47:27 GMT Etag: "63811abb-139" Expires: Sun, 27 Nov 2022 21:11:45 GMT Last-Modified: Fri, 25 Nov 2022 19:42:51 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 313 --- Additional Info --- Magic: data Size: 313 Md5: 663efebb4da0e71a1457c18229df400e Sha1: e4525ba77f185ae9694485fb65508486387e36b3 Sha256: 728f4654e1badc144b372da0c0702d5df3a144294c911044cdb5b4422d35ecab
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 310 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 HASH: 7f141b6b56f510fc793c35a5c522e2767d043bfe6c8e0d79daa05f673534dc7e 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 523 Md5: 30d193328f26484303d688b637cdb163 Sha1: 19ed7f5275bd038b48f24e71658f6ad26ca741d7 Sha256: 7f141b6b56f510fc793c35a5c522e2767d043bfe6c8e0d79daa05f673534dc7e Alerts: Blocklists: - fortinet: Phishing
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pornhub.com/video/manage?o=mr&t=pr2 FQDN: pornhub.com IP: 66.254.114.41 HASH: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691 66.254.114.41 HTTP/2 301 Moved Permanently content-type: text/html server: openresty date: Sat, 26 Nov 2022 13:47:27 GMT content-length: 166 location: https://www.pornhub.com/video/manage?o=mr&t=pr2 x-frame-options: SAMEORIGIN rating: RTA-5042-1996-1400-1577-RTA set-cookie: __s=638218EF-42FE722901BBAFBE-9873934; Secure; Samesite=None __l=638218EF-42FE722901BBAFBE-9873934; Secure; Samesite=None; Max-Age=31556926 strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 638218EF-42FE722901BBAFBE-9873934 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 166 Md5: 3ea1c8d079b38532a6e01a96216ba5e2 Sha1: 598d3ff91d3e252f1e13df8cf0348b270ff2da3f Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /user/security/1111 HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/user/security/1111 FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 66.254.114.33 HTTP/1.1 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 13:47:27 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 13:47:27 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Sat, 03-Dec-2022 13:47:27 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly bs=kdkbjcgy124sa2yoa98xkfv2kbfkmzbi; expires=Tue, 23-Nov-2032 13:47:27 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None ss=270648673245442860; expires=Sun, 26-Nov-2023 13:47:27 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1026 location: https://www.pornhubpremium.com/premium/login?redirect=QkDz_6sQdvbxtPpfOZx-aWbSa4rvZeFOpx1fCd-UemDQxZ2sNnMGUqX2tkh6uZ_N x-frame-options: SAMEORIGIN vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 638218EF-42FE722101BBC910-9DE9848 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /premium/login?redirect=QkDz_6sQdvbxtPpfOZx-aWbSa4rvZeFOpx1fCd-UemDQxZ2sNnMGUqX2tkh6uZ_N HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=kdkbjcgy124sa2yoa98xkfv2kbfkmzbi Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/premium/login?redirect=QkDz_6sQd (...) FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: 23aaccb36088f4ca5e45fbf003ab45eaade968d5feee3c1f4206d5a299ac461b 66.254.114.33 HTTP/1.1 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 13:47:27 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 13:47:27 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Sat, 03-Dec-2022 13:47:27 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly ss=523552650303680035; expires=Sun, 26-Nov-2023 13:47:27 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly fg_0d2ec4cbd943df07ec161982a603817e=26416.100000; expires=Mon, 26-Dec-2022 13:47:27 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Mon, 26-Dec-2022 13:47:27 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 638218EF-42FE722101BBC910-9DE98B8 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404) Size: 7793 Md5: 874781ca73221e9143e0c4a3fda5c4d9 Sha1: 43e923b7a13a49ac8e1435f121fe0866416ab816 Sha256: 23aaccb36088f4ca5e45fbf003ab45eaade968d5feee3c1f4206d5a299ac461b
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:28 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 07:48:04 GMT Expires: Sat, 03 Dec 2022 07:48:03 GMT Etag: "f66d108422d188602530372875d7beac8327ef5e" Cache-Control: max-age=582634,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7703137b59b6b4f3-OSL --- Additional Info --- Magic: data Size: 471 Md5: 00eea5bdd305068f54a53a0311504c7f Sha1: f66d108422d188602530372875d7beac8327ef5e Sha256: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8
GET /favorite/90902157/mk_1123 HTTP/1.1 Host: www.xvideos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.xvideos.com/favorite/90902157/mk_1123 FQDN: www.xvideos.com IP: 185.88.181.6 HASH: e631fbfc8db690296ba000038473a9b8553bb4e029a529de964fadb43cbfb9b3 185.88.181.6 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Date: Sat, 26 Nov 2022 13:47:28 GMT P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com .trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com .addthis.com .addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ .hwcdn.net fcm.googleapis.com .nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com .googleapis.com .cdn77.org .pingdom.net .exoclick.com .exosrv.com .realsrv.com .orbsrv.com .exdynsrv.com .ackcdn.net .afcdn.net .aucdn.net .adtng.com .adglare.net adinvent.engine.adglare.net .bngpt.com bngpt.com .trafficjunky.net .ohmybutt.com .flirt4free.com .xlovecam.com .wlresources.com .medleyads.com .cams.com .acdn5165543.com .protoawe.com .google-analytics.com livejasmin.com .livejasmin.com .jsmcrptjmp.com .awemwh.com .promo-bc.com .bongacams.com .bongacash.com .gammae.com .servingmillions.com .super-route.com cdn01.flashmediaportal.com engine.asf4f.us .htdvt.com .jerkmate.com .vfgtb.com .hytxg2.com .awemdia.com .cfgr3.com .ajxx98.online .sf4f.us .adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com .smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com .bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com .xxxjmp.com .feelpornx.com .crjugate.com .hqscene.com .xlviirdr.com adulttime.xxx .adulttime.xxx .javhd.com .doppiocdn.com .videosworks.com xlivrdr.com .xlivrdr.com .servetraff.com .adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us .livejasmin.com .jsmcrptjmp.com .awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com .hwcdn.net .trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com .nk-img.com .camster.com .vscdns.com .doubleclick.net .google.fr .google.com .exoclick.com .exosrv.com .realsrv.com .exdynsrv.com .ackcdn.net .afcdn.net *.aucdn.net bmedia.justservingfiles.net; Referrer-Policy: no-referrer-when-downgrade Set-Cookie: session_token=5b54e988246cb8d9Aq4rscISrLBiFIsxPXnVYcmdmmu6XypnM2J5Krv5Wz9mnVQRfnbw8Kwa7AEN9Uv4e8bQS_DQ4Mx7J8RZb4iOsDWzNsxKD1e8CGsidsP32V-EuqD1ozqLswGsrgmbj9T5_tA8CQEuX4JbxqnF6m4hGN2pR4GL_ERJ4Dtg8xRbKcAbEsX7FCfFv1cARfYfmeis; expires=Mon, 26-Dec-2022 13:47:28 GMT; Max-Age=2592000; path=/; domain=.xvideos.com _ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com Transfer-Encoding: chunked Server: nginx --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8644) Size: 25817 Md5: 9734121ca7d7eae7539adebf8c083a44 Sha1: 940d6d54d83063fa9c556d00055e19b3d9c42d2b Sha256: e631fbfc8db690296ba000038473a9b8553bb4e029a529de964fadb43cbfb9b3
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 383 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoibG9hZCIsImRhdGEiOnsicmVzcG9uc2VTdGFydCI6MTY4NCwiZG9tSW50ZXJhY3RpdmUiOjIwMDMsImRvbUNvbXBsZXRlIjo1MTc0fSwibHVpZCI6OTYxMDYxNTkxNTU4fQ==; userid=fea28021090014438e29caa042e2245112cb67bdb9b6ca21ef3a90e1557d9d7ea%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A961061591558%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 HASH: 68e48524ccff22fb91ea207fee78e8ae08317417fb0c5afd127932d9b294d795 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:28 GMT access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- data Size: 4563 Md5: c28122e1cf216b83aac609fa77a244e9 Sha1: c76efaad011ae8d669eb0c882f1f98619ebe5b07 Sha256: 68e48524ccff22fb91ea207fee78e8ae08317417fb0c5afd127932d9b294d795 Alerts: Blocklists: - fortinet: Phishing
GET /cdn/push.min.js HTTP/1.1 Host: cdnjam.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdnjam.com/cdn/push.min.js FQDN: cdnjam.com IP: 104.21.58.242 104.21.58.242 HTTP/2 200 OK content-type: application/x-javascript date: Sat, 26 Nov 2022 13:47:24 GMT content-security-policy: block-all-mixed-content etag: W/"44c9e373bc246e347c8420a2eb8f54d4" last-modified: Mon, 06 Jun 2022 20:30:35 GMT strict-transport-security: max-age=15724800; includeSubDomains vary: Origin, Accept-Encoding x-amz-request-id: 16F62D8C82243EE0 x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: max-age=14400 cf-cache-status: HIT age: 6220 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66vpfz25oa8O%2B2Ll%2BhAJ%2F0Tgc3KM5Ci011XowvAajf0C2jFWj07CxjzINHyV%2BnP%2Bmuno2UznMQCQiyKULTd0CfF2SMidDNYgIHDHlL0wbx2GRUlSEFi8932kT1F%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 77031365eb5efac4-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Oswald:700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Oswald:700 FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 26 Nov 2022 13:47:24 GMT date: Sat, 26 Nov 2022 13:47:24 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
POST /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 174 Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 172.64.138.29 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 13:47:24 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZtPTky6222p%2FLlUwIYsSnISDLLu%2B1B3XtoSA0rVm2COW13Rgq61Ohd4h2Gim9JEgQ%2FvtIeu9IfJYcMA06LCbAtrEh2UrSWY6DyYT6GmJIwG0BUfsDCIzc6GHhGBEjc8K1vu"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 77031367ea3176fc-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 319 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9LCJsdWlkIjo5NjEwNjE1OTE1NTh9; userid=fea28021090014438e29caa042e2245112cb67bdb9b6ca21ef3a90e1557d9d7ea%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A961061591558%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:28 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /v3/signin/identifier?dsh=S-1023299879%3A1669470446032235&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAt4VUpH2NemlMz9T-ng0Iyzhs40QtYKQ5AVZpZisgWKFWe0_C6pgKRfeMr6QZuNLfYrQ36H HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: accounts.google.com/v3/signin/identifier?dsh=S-10232998 (...) FQDN: accounts.google.com IP: 216.58.207.237 216.58.207.237 HTTP/2 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sat, 26 Nov 2022 13:47:26 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-MHHdBKoYtW9XwVrFN5bCyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist cross-origin-opener-policy-report-only: same-origin accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 318 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaCI6ImZhbHNlIn0sImx1aWQiOjk2MTA2MTU5MTU1OH0=; userid=fea28021090014438e29caa042e2245112cb67bdb9b6ca21ef3a90e1557d9d7ea%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A961061591558%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:28 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /user-id?nbl=&impression=ezIF72OCGOs&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FAwAA%2F10040%2Foth%3Fi%3DezIF72OCGOs%26u%3D9080226559574546667&search=%3Fi%3DezIF72OCGOs%26u%3D9080226559574546667&contactExists=false HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/user-id?nbl=&impression=ezIF72OCGOs&trust (...) FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:26 GMT set-cookie: userid=fea28021090014438e29caa042e2245112cb67bdb9b6ca21ef3a90e1557d9d7ea%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A961061591558%3B%7D; expires=Mon, 27-Nov-2023 10:04:06 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info ---
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/video/manage?o=mr&t=pr2 FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 13:47:27 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 13:47:27 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Sat, 03-Dec-2022 13:47:27 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure bs=k8vkce5ms12wx36cafb05vdj7er0i021; expires=Tue, 23-Nov-2032 13:47:27 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None ss=527408622321169912; expires=Sun, 26-Nov-2023 13:47:27 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=21147.100000; expires=Mon, 26-Dec-2022 13:47:27 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=638218EF-42FE722901BBAFBE-987398D; Secure; Samesite=None __l=638218EF-42FE722901BBAFBE-987398D; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1041 location: /login vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 638218EF-42FE722901BBAFBE-987398D X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=11996 

                                        
                                            
Expires: Sat, 26 Nov 2022 17:07:18 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:22 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    a9f1d4d98705c281fed3b60343463200

                                                Sha1:   db6f8aa98d2eda4e5473b116a222c3055568bb78

                                                Sha256: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6195 

                                        
                                            
Expires: Sat, 26 Nov 2022 15:30:37 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:22 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    71f9c681a82440fd55e76c780a20e55d

                                                Sha1:   3147768cfbcdd06e0c6e69684292e68e99917a80

                                                Sha256: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: IsuMCXYDS/V8a5n2p+J8OgTPT+fyjGZTsofzwikDYVhpHO5t7ZG8o0f+NH2ocrmNbsuYcAfRq70= 

                                        
                                            
x-amz-request-id: N6YJ5FEYJY3VQS2K 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 13:44:15 GMT 

                                        
                                            
age: 187 

                                        
                                            
last-modified: Thu, 10 Nov 2022 09:21:27 GMT 

                                        
                                            
etag: "9ebddc2b260d081ebbefee47c037cb28" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    9ebddc2b260d081ebbefee47c037cb28

                                                Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39

                                                Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sat, 26 Nov 2022 13:47:22 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: dateexotic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://dateexotic.com/agEA?usid=168bbcj13bafj&email=rzacarias@slurpmail.net&sub1=clear_main&prid=168bbcj13bafj

                                         104.21.34.109

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/gif

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:22 GMT 

                                        
                                            
Content-Length: 47 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=em5ZJcQb%2Ffv9SibsHrTXYGY35NrBnJr04I0RJTSd0nHq07FRTecLGDg8PUxqCXxteHHlgQnMKGYDVOrnKHrG4Ig4eYu%2B5oQVjbY8Mszb%2BurIsPwbdQ%2FwaAJbcUdKlg2a4A%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7703135ace0db51e-OSL 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   47

                                                Md5:    2f3ca1d38e8b18ef00c4a0eff0889cfc

                                                Sha1:   2f28ed1ccf7c08cf22491757fe20385249db162e

                                                Sha256: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5212 

                                        
                                            
Cache-Control: max-age=161180 

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:23 GMT 

                                        
                                            
Etag: "6381d72b-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 10:33:43 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT 

                                        
                                            
Server: ECS (ska/F705) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    d3df71aab146eefc49acb608796aab63

                                                Sha1:   8401892995193919376dfcd798b09c8261579454

                                                Sha256: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88

                                        
                                            POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:23 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: scaffolding on HTTPServer2 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    7bf3638d23acb01907c531a6630a4493

                                                Sha1:   e7f8c2bf2de297420ce8a1c826c64aaf00917d2f

                                                Sha256: c7f056a2e8f3c2cd089a185a457f92794ab66e603c3565dfc9999a5dd58fe812

                                        
                                            POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:23 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: scaffolding on HTTPServer2 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    7bf3638d23acb01907c531a6630a4493

                                                Sha1:   e7f8c2bf2de297420ce8a1c826c64aaf00917d2f

                                                Sha256: c7f056a2e8f3c2cd089a185a457f92794ab66e603c3565dfc9999a5dd58fe812

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "E2E6F1B7B76C3F604B2A75009AE7F391584AC0F784B60988AA2073BE392EA49F" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6925 

                                        
                                            
Expires: Sat, 26 Nov 2022 15:42:49 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    62a4328dbc9b7bbd72af4eef2d31b2d5

                                                Sha1:   ab7e74f30923409dd30fae46aa8e6eab18919590

                                                Sha256: e2e6f1b7b76c3f604b2a75009ae7f391584ac0f784b60988aa2073be392ea49f

                                        
                                            GET /agEA?usid=168bbcj13bafj&email=rzacarias%40slurpmail.net&sub1=clear_main&prid=168bbcj13bafj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1 

                                        
                                            
Host: www2.dateexotic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://dateexotic.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.67.159.164

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
date: Sat, 26 Nov 2022 13:47:23 GMT 

                                        
                                            
location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xNjhiYmNqMTNiYWZqJmVtYWlsPXJ6YWNhcmlhcyU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9MTY4YmJjajEzYmFmaiZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=ea52a814113313be20e34cb7ed9c1d3a 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BExTbtNyw0QFW%2BdWxmWKRlyMwHl9iuB41tRFbDzK%2BUh6CxAiVzC2RWKbVT80TcyYKM%2BPt5Fj5pvCLu4hhxsc7LtLXFii0KywgJ4iuL8dasL%2BWHWKC0dJFgr42ddHdIi01a0IR4A"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703135a6df7b4ff-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  gzip compressed data, from Unix\012- data

                                                Size:   1021

                                                Md5:    3b07f6f3625abf8ad4dafd7b821ad69e

                                                Sha1:   304bbec923fc251222f5d8bf87ff13244ac12201

                                                Sha256: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    619fa0039b94697fc8a5bd24f57e8aa2

                                                Sha1:   53a366391a51d625029cc6d32fb4e8b6060990fd

                                                Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3667 

                                        
                                            
Cache-Control: max-age=89781 

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
Etag: "6380c64e-116" 

                                        
                                            
Expires: Sun, 27 Nov 2022 14:43:45 GMT 

                                        
                                            
Last-Modified: Fri, 25 Nov 2022 13:42:38 GMT 

                                        
                                            
Server: ECS (ska/F717) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 278 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   278

                                                Md5:    e83533519b59a0575bc36a368e8ae3f0

                                                Sha1:   ba48ddbcb69efb7d3c8b43917ce3f3c01587da69

                                                Sha256: 558cfc5bc388eddc7aa8c672355f98b92ba4674019471059de80533b53444ec4

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    619fa0039b94697fc8a5bd24f57e8aa2

                                                Sha1:   53a366391a51d625029cc6d32fb4e8b6060990fd

                                                Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    619fa0039b94697fc8a5bd24f57e8aa2

                                                Sha1:   53a366391a51d625029cc6d32fb4e8b6060990fd

                                                Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14810 

                                        
                                            
Expires: Sat, 26 Nov 2022 17:54:14 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    8bb181e3f5ca898c6e31a8efc2e28291

                                                Sha1:   eda3a91f8e2cbc5467da08ad85e6f6a30702b66c

                                                Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14810 

                                        
                                            
Expires: Sat, 26 Nov 2022 17:54:14 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    8bb181e3f5ca898c6e31a8efc2e28291

                                                Sha1:   eda3a91f8e2cbc5467da08ad85e6f6a30702b66c

                                                Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 15818 

                                        
                                            
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cLXrUF3bIAMF8CA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA== 

                                        
                                            
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 22:17:55 GMT 

                                        
                                            
age: 55769 

                                        
                                            
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   15818

                                                Md5:    17ebe470d040a6ea8c57e9b9d4f4e828

                                                Sha1:   1ac7a410cd4f3709f476c776dd5646dd982dcfa8

                                                Sha256: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9914 

                                        
                                            
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cLVVFHQYIAMFc4Q= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: qKxrYxVsJWOXAbrn6IpwLycF3rknFLkQeDyKOLq5WyflvTLeUjg_Lg== 

                                        
                                            
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 22:18:42 GMT 

                                        
                                            
age: 55722 

                                        
                                            
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9914

                                                Md5:    3b1c6878914466cfece680fa7cb73502

                                                Sha1:   47fac81a2dd809df5c42ca1362f71d553572d2b1

                                                Sha256: 6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6789 

                                        
                                            
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cLWWYFFgoAMFhaQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw== 

                                        
                                            
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 21:46:06 GMT 

                                        
                                            
age: 57678 

                                        
                                            
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6789

                                                Md5:    926df9839ec3d924b563b55d8bccace8

                                                Sha1:   c47a3884465fc02b5c57faa5ffbd986ba29c64c2

                                                Sha256: a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8277 

                                        
                                            
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cIB-KFtmIAMF00Q= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: O4PtH20kVWgH-Jf_TivPqMqjnwrZB_8XvZAkDDzLLFPXVjqzkz1YJw== 

                                        
                                            
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 21:40:50 GMT 

                                        
                                            
age: 57994 

                                        
                                            
etag: "6a8504212141af411a18ce58960c8bb52e8116ac" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8277

                                                Md5:    f59a591b222397ff0f01c22a0786e660

                                                Sha1:   6a8504212141af411a18ce58960c8bb52e8116ac

                                                Sha256: 624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    b05606331c6f88a724d9e404e62974e4

                                                Sha1:   72176bc6b618fbbe567b5746ed54e14d381a9815

                                                Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

                                        
                                            GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://her-cupid.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.195

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 10172 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Thu, 24 Nov 2022 21:20:46 GMT 

                                        
                                            
expires: Fri, 24 Nov 2023 21:20:46 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 145598 

                                        
                                            
last-modified: Mon, 18 Jul 2022 19:23:34 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data

                                                Size:   10172

                                                Md5:    58e5c92fd1a1fc89b8ca6d74ce4793b8

                                                Sha1:   337771c465778aeed6de18195e0cbe9d9098d299

                                                Sha256: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

                                        
                                            OPTIONS /get-keys HTTP/1.1 

                                        
                                            
Host: app.api-push.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: POST 

                                        
                                            
Access-Control-Request-Headers: content-type 

                                        
                                            
Origin: https://her-cupid.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.64.138.29

                                        
                                            HTTP/2 204 No Content

                                        

                                        
                                            
date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
vary: Origin 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH 

                                        
                                            
access-control-allow-headers: content-type 

                                        
                                            
strict-transport-security: max-age=15724800; includeSubDomains 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cl8dY7YzkhOSPRJ6i6WqXU%2BaBx%2BL%2Bb%2Fcw8G%2BxwHnN%2FLWkJSXWUM8JgvbT8TjMew3wXbavY25BvNBxSIt%2Bloep%2BVKAIUgE%2BxCUA2AsOUdoRWZyJAncavVWwVGNTL9IN6KTj%2B"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7703136738e476fc-LHR 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "9A714C1D65B8266DA215AAE616A3A4B4B1999C1F44A5015A49D33BB2E2576BCC" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3839 

                                        
                                            
Expires: Sat, 26 Nov 2022 14:51:23 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    e06a8dc90630612579b6720d2a6d530a

                                                Sha1:   f83ff0f2d1925d7757f9afd075311eef7d07179a

                                                Sha256: 9a714c1d65b8266da215aae616a3a4b4b1999c1f44a5015a49d33bb2e2576bcc

                                        
                                            GET /AwAA/10040/oth?i=ezIF72OCGOs&u=9080226559574546667 HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://dateexotic.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-cache-status: HIT 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   37770

                                                Md5:    962d7676cbfd9526ad84b916566e10fc

                                                Sha1:   f1b1a9450afb0e2f7ba9e469c2be6f0d53cd7a9e

                                                Sha256: 44b6102b58bbdfc4c76ad58693d1ccd097738752eaef05854984a40a91c44b82

                                        
                                            GET /static/AwAA/3-2.png HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
content-length: 535 

                                        
                                            
last-modified: Mon, 03 Aug 2020 11:47:36 GMT 

                                        
                                            
etag: "5f27f958-217" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   535

                                                Md5:    7621845db78d7540608060c63a721252

                                                Sha1:   b24bca5f9e3ca0daf6f0f4822d66febc5c65d169

                                                Sha256: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:25 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    e922b25acaba2d7f8921ebe973a4b261

                                                Sha1:   5dd4c237c84a652cbcf3db163529f3788ceafc46

                                                Sha256: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589

                                        
                                            GET /v14.0/plugins/like.php HTTP/1.1 

                                        
                                            
Host: www.facebook.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         31.13.72.36

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html;charset=utf-8

                                        

                                        
                                            
pragma: no-cache 

                                        
                                            
cache-control: private, no-cache, no-store, must-revalidate 

                                        
                                            
expires: Sat, 01 Jan 2000 00:00:00 GMT 

                                        
                                            
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; 

                                        
                                            
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; 

                                        
                                            
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-fb-debug: S+6Z9UaaDZzuAdpmB9wuSFs6dHydqUiGRxHUBQy0Ga522/gtCznnKaSPg+0Yf7Y6RmsumHWWB9JdxfqYR8wScQ== 

                                        
                                            
content-length: 0 

                                        
                                            
date: Sat, 26 Nov 2022 13:47:25 GMT 

                                        
                                            
priority: u=3,i 

                                        
                                            
alt-svc: h3=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 6003 

                                        
                                            
Cache-Control: max-age=148295 

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:25 GMT 

                                        
                                            
Etag: "6381a1c1-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 06:59:00 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 05:18:57 GMT 

                                        
                                            
Server: ECS (ska/F705) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    407ca8387c360d434a53812c03688310

                                                Sha1:   90e74fa4928adcf8ae410f2eea7956b6ae7f687b

                                                Sha256: 5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3

                                        
                                            GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1 

                                        
                                            
Host: accounts.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.237

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
x-frame-options: DENY 

                                        
                                            
cache-control: no-cache, no-store, max-age=0, must-revalidate 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Mon, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
date: Sat, 26 Nov 2022 13:47:26 GMT 

                                        
                                            
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1023299879%3A1669470446032235&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAt4VUpH2NemlMz9T-ng0Iyzhs40QtYKQ5AVZpZisgWKFWe0_C6pgKRfeMr6QZuNLfYrQ36H 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
content-security-policy: script-src 'nonce-hL7w_2sgntiSEWW52p85zQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport 

                                        
                                            
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" 

                                        
                                            
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} 

                                        
                                            
content-encoding: gzip 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
content-length: 410 

                                        
                                            
server: GSE 

                                        
                                            
set-cookie: __Host-GAPS=1:fTBsaJ_qFB2gJqU0SqVSrYNsoRrzlg:1JNAHaCn5yxHV42w;Path=/;Expires=Mon, 25-Nov-2024 13:47:26 GMT;Secure;HttpOnly;Priority=HIGH 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)

                                                Size:   410

                                                Md5:    7a3e8096dc8b8cfd04ea27d980b29215

                                                Sha1:   476b74498ef8a4499a4a63c0059af0c5795dd03b

                                                Sha256: 31cf5815e73e7791c9f82081a613bd3c0779caac526ae262ad8a8691e586562c

                                        
                                            GET /static/AwAA/favicon-16x16.png HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Sat, 26 Nov 2022 13:47:25 GMT 

                                        
                                            
content-length: 1264 

                                        
                                            
last-modified: Mon, 03 Aug 2020 11:47:36 GMT 

                                        
                                            
etag: "5f27f958-4f0" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   1264

                                                Md5:    fa61744c0140328a533d26bc93753134

                                                Sha1:   ea2b1d32e78280d8207a32aa6214263db134123e

                                                Sha256: 2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5334 

                                        
                                            
Cache-Control: max-age=113058 

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:27 GMT 

                                        
                                            
Etag: "63811abb-139" 

                                        
                                            
Expires: Sun, 27 Nov 2022 21:11:45 GMT 

                                        
                                            
Last-Modified: Fri, 25 Nov 2022 19:42:51 GMT 

                                        
                                            
Server: ECS (ska/F705) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 313 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   313

                                                Md5:    663efebb4da0e71a1457c18229df400e

                                                Sha1:   e4525ba77f185ae9694485fb65508486387e36b3

                                                Sha256: 728f4654e1badc144b372da0c0702d5df3a144294c911044cdb5b4422d35ecab

                                        
                                            GET /video/manage?o=mr&t=pr2 HTTP/1.1 

                                        
                                            
Host: pornhub.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         66.254.114.41

                                        
                                            HTTP/2 301 Moved Permanently 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
server: openresty 

                                        
                                            
date: Sat, 26 Nov 2022 13:47:27 GMT 

                                        
                                            
content-length: 166 

                                        
                                            
location: https://www.pornhub.com/video/manage?o=mr&t=pr2 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
rating: RTA-5042-1996-1400-1577-RTA 

                                        
                                            
set-cookie: __s=638218EF-42FE722901BBAFBE-9873934; Secure; Samesite=None
__l=638218EF-42FE722901BBAFBE-9873934; Secure; Samesite=None; Max-Age=31556926 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubDomains; preload 

                                        
                                            
x-request-id: 638218EF-42FE722901BBAFBE-9873934 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   166

                                                Md5:    3ea1c8d079b38532a6e01a96216ba5e2

                                                Sha1:   598d3ff91d3e252f1e13df8cf0348b270ff2da3f

                                                Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

                                        
                                            GET /premium/login?redirect=QkDz_6sQdvbxtPpfOZx-aWbSa4rvZeFOpx1fCd-UemDQxZ2sNnMGUqX2tkh6uZ_N HTTP/1.1 

                                        
                                            
Host: www.pornhubpremium.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: bs=kdkbjcgy124sa2yoa98xkfv2kbfkmzbi 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         66.254.114.33

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: openresty 

                                        
                                            
date: Sat, 26 Nov 2022 13:47:27 GMT 

                                        
                                            
transfer-encoding: chunked 

                                        
                                            
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 13:47:27 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Sat, 03-Dec-2022 13:47:27 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
ss=523552650303680035; expires=Sun, 26-Nov-2023 13:47:27 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
fg_0d2ec4cbd943df07ec161982a603817e=26416.100000; expires=Mon, 26-Dec-2022 13:47:27 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure
ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Mon, 26-Dec-2022 13:47:27 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
vary: User-Agent 

                                        
                                            
rating: RTA-5042-1996-1400-1577-RTA 

                                        
                                            
content-encoding: gzip 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubDomains; preload 

                                        
                                            
x-request-id: 638218EF-42FE722101BBC910-9DE98B8 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404)

                                                Size:   7793

                                                Md5:    874781ca73221e9143e0c4a3fda5c4d9

                                                Sha1:   43e923b7a13a49ac8e1435f121fe0866416ab816

                                                Sha256: 23aaccb36088f4ca5e45fbf003ab45eaade968d5feee3c1f4206d5a299ac461b

                                        
                                            GET /favorite/90902157/mk_1123 HTTP/1.1 

                                        
                                            
Host: www.xvideos.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         185.88.181.6

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: text/html; charset=utf-8

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 13:47:28 GMT 

                                        
                                            
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" 

                                        
                                            
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com *.trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com *.addthis.com *.addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ *.hwcdn.net fcm.googleapis.com *.nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com *.googleapis.com *.cdn77.org *.pingdom.net *.exoclick.com *.exosrv.com *.realsrv.com *.orbsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net *.adtng.com *.adglare.net adinvent.engine.adglare.net *.bngpt.com bngpt.com *.trafficjunky.net *.ohmybutt.com *.flirt4free.com *.xlovecam.com *.wlresources.com *.medleyads.com *.cams.com *.acdn5165543.com *.protoawe.com *.google-analytics.com livejasmin.com *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com *.promo-bc.com *.bongacams.com *.bongacash.com *.gammae.com *.servingmillions.com *.super-route.com cdn01.flashmediaportal.com engine.asf4f.us *.htdvt.com *.jerkmate.com *.vfgtb.com *.hytxg2.com *.awemdia.com *.cfgr3.com *.ajxx98.online *.sf4f.us *.adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com *.smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com *.bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com *.xxxjmp.com *.feelpornx.com *.crjugate.com *.hqscene.com *.xlviirdr.com adulttime.xxx *.adulttime.xxx *.javhd.com *.doppiocdn.com *.videosworks.com xlivrdr.com *.xlivrdr.com *.servetraff.com *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.hwcdn.net *.trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com *.vscdns.com *.doubleclick.net *.google.fr *.google.com *.exoclick.com *.exosrv.com *.realsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net bmedia.justservingfiles.net; 

                                        
                                            
Referrer-Policy: no-referrer-when-downgrade 

                                        
                                            
Set-Cookie: session_token=5b54e988246cb8d9Aq4rscISrLBiFIsxPXnVYcmdmmu6XypnM2J5Krv5Wz9mnVQRfnbw8Kwa7AEN9Uv4e8bQS_DQ4Mx7J8RZb4iOsDWzNsxKD1e8CGsidsP32V-EuqD1ozqLswGsrgmbj9T5_tA8CQEuX4JbxqnF6m4hGN2pR4GL_ERJ4Dtg8xRbKcAbEsX7FCfFv1cARfYfmeis; expires=Mon, 26-Dec-2022 13:47:28 GMT; Max-Age=2592000; path=/; domain=.xvideos.com
_ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Server: nginx 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8644)

                                                Size:   25817

                                                Md5:    9734121ca7d7eae7539adebf8c083a44

                                                Sha1:   940d6d54d83063fa9c556d00055e19b3d9c42d2b

                                                Sha256: e631fbfc8db690296ba000038473a9b8553bb4e029a529de964fadb43cbfb9b3

                                        
                                            GET /cdn/push.min.js HTTP/1.1 

                                        
                                            
Host: cdnjam.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.21.58.242

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/x-javascript

                                        

                                        
                                            
date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"44c9e373bc246e347c8420a2eb8f54d4" 

                                        
                                            
last-modified: Mon, 06 Jun 2022 20:30:35 GMT 

                                        
                                            
strict-transport-security: max-age=15724800; includeSubDomains 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 16F62D8C82243EE0 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
cache-control: max-age=14400 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 6220 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66vpfz25oa8O%2B2Ll%2BhAJ%2F0Tgc3KM5Ci011XowvAajf0C2jFWj07CxjzINHyV%2BnP%2Bmuno2UznMQCQiyKULTd0CfF2SMidDNYgIHDHlL0wbx2GRUlSEFi8932kT1F%2B"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 77031365eb5efac4-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            POST /get-keys HTTP/1.1 

                                        
                                            
Host: app.api-push.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Content-Length: 174 

                                        
                                            
Origin: https://her-cupid.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         172.64.138.29

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
date: Sat, 26 Nov 2022 13:47:24 GMT 

                                        
                                            
vary: Origin 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH 

                                        
                                            
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                        
                                            
strict-transport-security: max-age=15724800; includeSubDomains 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZtPTky6222p%2FLlUwIYsSnISDLLu%2B1B3XtoSA0rVm2COW13Rgq61Ohd4h2Gim9JEgQ%2FvtIeu9IfJYcMA06LCbAtrEh2UrSWY6DyYT6GmJIwG0BUfsDCIzc6GHhGBEjc8K1vu"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 77031367ea3176fc-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /v3/signin/identifier?dsh=S-1023299879%3A1669470446032235&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAt4VUpH2NemlMz9T-ng0Iyzhs40QtYKQ5AVZpZisgWKFWe0_C6pgKRfeMr6QZuNLfYrQ36H HTTP/1.1 

                                        
                                            
Host: accounts.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         216.58.207.237

                                        
                                            HTTP/2 403 Forbidden 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
cache-control: no-cache, no-store, max-age=0, must-revalidate 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Mon, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
date: Sat, 26 Nov 2022 13:47:26 GMT 

                                        
                                            
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-MHHdBKoYtW9XwVrFN5bCyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist 

                                        
                                            
cross-origin-opener-policy-report-only: same-origin 

                                        
                                            
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version 

                                        
                                            
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /user-id?nbl=&impression=ezIF72OCGOs&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FAwAA%2F10040%2Foth%3Fi%3DezIF72OCGOs%26u%3D9080226559574546667&search=%3Fi%3DezIF72OCGOs%26u%3D9080226559574546667&contactExists=false HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
X-Requested-With: XMLHttpRequest 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=UTF-8

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Sat, 26 Nov 2022 13:47:26 GMT 

                                        
                                            
set-cookie: userid=fea28021090014438e29caa042e2245112cb67bdb9b6ca21ef3a90e1557d9d7ea%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A961061591558%3B%7D; expires=Mon, 27-Nov-2023 10:04:06 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	dateexotic.com/agEA?usid=168bbcj13bafj&email=rzacarias@slurpmail.net&sub1=clear_main&prid=168bbcj13bafj
IP	172.67.159.164 (United States)
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-26 13:47:34 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	19
urlquery alerts	No alerts detected
Tags	None

Request	Response
GET /agEA?usid=168bbcj13bafj&email=rzacarias@slurpmail.net&sub1=clear_main&prid=168bbcj13bafj HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: dateexotic.com/agEA?usid=168bbcj13bafj&email=rzacarias@ (...) FQDN: dateexotic.com IP: 104.21.34.109 HASH: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0 104.21.34.109 HTTP/1.1 200 OK Content-Type: text/html Date: Sat, 26 Nov 2022 13:47:22 GMT Transfer-Encoding: chunked Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TW17b5R5%2BEPczS4LYg57tIxA1f4T7LV9KXkjmnE0U0Qpxh%2BsxwURe6l6xzwKdU8aZgJUbHS3A3sbGJyT3grs1ge1V0cUkc0MYFflwgwknlripgYTfmmcgKK%2FqmyFj5UFWQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 77031356f912b51e-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 907 Md5: f644572248ce42c31779d65845c95277 Sha1: 6963b52cff901ae5ce3eb250820dcaef46cc9388 Sha256: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11996 Expires: Sat, 26 Nov 2022 17:07:18 GMT Date: Sat, 26 Nov 2022 13:47:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a9f1d4d98705c281fed3b60343463200 Sha1: db6f8aa98d2eda4e5473b116a222c3055568bb78 Sha256: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5123 Cache-Control: max-age=166149 Date: Sat, 26 Nov 2022 13:47:22 GMT Etag: "6381eaec-1d7" Expires: Mon, 28 Nov 2022 11:56:31 GMT Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 15b59d5e62caedb4bec3ba6724906c1e Sha1: 960f801e608a56fdd11449f4face29f62cad2b21 Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6195 Expires: Sat, 26 Nov 2022 15:30:37 GMT Date: Sat, 26 Nov 2022 13:47:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 71f9c681a82440fd55e76c780a20e55d Sha1: 3147768cfbcdd06e0c6e69684292e68e99917a80 Sha256: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 26 Nov 2022 13:19:13 GMT cache-control: public,max-age=3600 age: 1689 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: d130218d0e2841f39c99610fe1a2ab90 Sha1: 29fbe1e177ee55c7a61ae0a206afff271cf5f945 Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: IsuMCXYDS/V8a5n2p+J8OgTPT+fyjGZTsofzwikDYVhpHO5t7ZG8o0f+NH2ocrmNbsuYcAfRq70= x-amz-request-id: N6YJ5FEYJY3VQS2K content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 26 Nov 2022 13:44:15 GMT age: 187 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /static/js/build/bd.js HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=168bbcj13bafj&email=rzacarias@slurpmail.net&sub1=clear_main&prid=168bbcj13bafj	URL: dateexotic.com/static/js/build/bd.js FQDN: dateexotic.com IP: 104.21.34.109 HASH: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b 104.21.34.109 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Date: Sat, 26 Nov 2022 13:47:22 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Ray: 770313595c15b51e-OSL Age: 135546 ETag: W/"static/js/build/bd.3ad9d77bdd.js" Vary: Accept-Encoding CF-Cache-Status: HIT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZHQySCz5kTvODbNsGfaxbBYbEOJjW6T0ff7rGMe%2FenDHMxByslZaJtSSfDehzBJ8mvx2e7xthhw5wqsuUHxeehwZv%2FFTTHUD0oY0IsdtsQX63fDAjwBDFG%2BUCwUwS5Ivg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (8033) Size: 3571 Md5: 896fa747a8832e6a6ac72bbbcfc917f6 Sha1: 67dc40632c900a9f84280f0898b308b8a6b3e3a5 Sha256: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b Alerts: Blocklists: - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 26 Nov 2022 13:47:22 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "B6CB9BD85D499F398EB8392491BA52D8916DF9586DC82B00566229D193B47E6C" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9937 Expires: Sat, 26 Nov 2022 16:32:59 GMT Date: Sat, 26 Nov 2022 13:47:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 1ff100f14aadb35808b403a3fbca8bc7 Sha1: 92feaf32494b1f822aab27cbb79812abb8500634 Sha256: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c
GET /favicon.ico HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=168bbcj13bafj&email=rzacarias@slurpmail.net&sub1=clear_main&prid=168bbcj13bafj	URL: dateexotic.com/favicon.ico FQDN: dateexotic.com IP: 104.21.34.109 HASH: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4 104.21.34.109 HTTP/1.1 200 OK Content-Type: image/gif Date: Sat, 26 Nov 2022 13:47:22 GMT Content-Length: 47 Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=em5ZJcQb%2Ffv9SibsHrTXYGY35NrBnJr04I0RJTSd0nHq07FRTecLGDg8PUxqCXxteHHlgQnMKGYDVOrnKHrG4Ig4eYu%2B5oQVjbY8Mszb%2BurIsPwbdQ%2FwaAJbcUdKlg2a4A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7703135ace0db51e-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 47 Md5: 2f3ca1d38e8b18ef00c4a0eff0889cfc Sha1: 2f28ed1ccf7c08cf22491757fe20385249db162e Sha256: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 26 Nov 2022 13:11:12 GMT cache-control: public,max-age=3600 age: 2170 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5212 Cache-Control: max-age=161180 Date: Sat, 26 Nov 2022 13:47:23 GMT Etag: "6381d72b-1d7" Expires: Mon, 28 Nov 2022 10:33:43 GMT Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: d3df71aab146eefc49acb608796aab63 Sha1: 8401892995193919376dfcd798b09c8261579454 Sha256: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "B6CB9BD85D499F398EB8392491BA52D8916DF9586DC82B00566229D193B47E6C" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9936 Expires: Sat, 26 Nov 2022 16:32:59 GMT Date: Sat, 26 Nov 2022 13:47:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 1ff100f14aadb35808b403a3fbca8bc7 Sha1: 92feaf32494b1f822aab27cbb79812abb8500634 Sha256: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: c7f056a2e8f3c2cd089a185a457f92794ab66e603c3565dfc9999a5dd58fe812 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:23 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 7bf3638d23acb01907c531a6630a4493 Sha1: e7f8c2bf2de297420ce8a1c826c64aaf00917d2f Sha256: c7f056a2e8f3c2cd089a185a457f92794ab66e603c3565dfc9999a5dd58fe812
GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xNjhiYmNqMTNiYWZqJmVtYWlsPXJ6YWNhcmlhcyU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9MTY4YmJjajEzYmFmaiZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=ea52a814113313be20e34cb7ed9c1d3a HTTP/1.1 Host: alexatracker.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29 (...) FQDN: alexatracker.com IP: 172.67.204.112 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.67.204.112 HTTP/2 301 Moved Permanently date: Sat, 26 Nov 2022 13:47:23 GMT content-length: 0 location: https://www2.dateexotic.com/agEA?usid=168bbcj13bafj&email=rzacarias%40slurpmail.net&sub1=clear_main&prid=168bbcj13bafj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=9080226559574546667&c=503965751 set-cookie: trbarid=9080226559574546667;expires=Mon, 25 Nov 2024 13:47:23 GMT;secure;HttpOnly;SameSite=None;path=/ report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6xROd7azsELgPu5AWgkPlVNgOkFWKRYaPScRo%2FjSLMCOJ1BMdO6BARicK30lWTn0Zf8xaPE7tHBN6TccfWtRV0u0GCDKB63K4YlqpS1ETHoRRS0vlLdGOHYpG33u6W78B6T"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7703135e6c69b518-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: c7f056a2e8f3c2cd089a185a457f92794ab66e603c3565dfc9999a5dd58fe812 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:23 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 7bf3638d23acb01907c531a6630a4493 Sha1: e7f8c2bf2de297420ce8a1c826c64aaf00917d2f Sha256: c7f056a2e8f3c2cd089a185a457f92794ab66e603c3565dfc9999a5dd58fe812
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: rjqtLdkUCCk9Q1veRtTAEQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.191.251.76 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.191.251.76 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: kcsbfT/47U9BJdXE36oqkxe1Cy8= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: e2e6f1b7b76c3f604b2a75009ae7f391584ac0f784b60988aa2073be392ea49f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E2E6F1B7B76C3F604B2A75009AE7F391584AC0F784B60988AA2073BE392EA49F" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6925 Expires: Sat, 26 Nov 2022 15:42:49 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 62a4328dbc9b7bbd72af4eef2d31b2d5 Sha1: ab7e74f30923409dd30fae46aa8e6eab18919590 Sha256: e2e6f1b7b76c3f604b2a75009ae7f391584ac0f784b60988aa2073be392ea49f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 558cfc5bc388eddc7aa8c672355f98b92ba4674019471059de80533b53444ec4 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3667 Cache-Control: max-age=89781 Date: Sat, 26 Nov 2022 13:47:24 GMT Etag: "6380c64e-116" Expires: Sun, 27 Nov 2022 14:43:45 GMT Last-Modified: Fri, 25 Nov 2022 13:42:38 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: e83533519b59a0575bc36a368e8ae3f0 Sha1: ba48ddbcb69efb7d3c8b43917ce3f3c01587da69 Sha256: 558cfc5bc388eddc7aa8c672355f98b92ba4674019471059de80533b53444ec4
GET /agEA?usid=168bbcj13bafj&email=rzacarias%40slurpmail.net&sub1=clear_main&prid=168bbcj13bafj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1 Host: www2.dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://dateexotic.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www2.dateexotic.com/agEA?usid=168bbcj13bafj&email=rzaca (...) FQDN: www2.dateexotic.com IP: 172.67.159.164 HASH: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d 172.67.159.164 HTTP/2 302 Found content-type: text/html; charset=UTF-8 date: Sat, 26 Nov 2022 13:47:23 GMT location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xNjhiYmNqMTNiYWZqJmVtYWlsPXJ6YWNhcmlhcyU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9MTY4YmJjajEzYmFmaiZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=ea52a814113313be20e34cb7ed9c1d3a access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BExTbtNyw0QFW%2BdWxmWKRlyMwHl9iuB41tRFbDzK%2BUh6CxAiVzC2RWKbVT80TcyYKM%2BPt5Fj5pvCLu4hhxsc7LtLXFii0KywgJ4iuL8dasL%2BWHWKC0dJFgr42ddHdIi01a0IR4A"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7703135a6df7b4ff-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 1021 Md5: 3b07f6f3625abf8ad4dafd7b821ad69e Sha1: 304bbec923fc251222f5d8bf87ff13244ac12201 Sha256: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 558cfc5bc388eddc7aa8c672355f98b92ba4674019471059de80533b53444ec4 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3667 Cache-Control: max-age=89781 Date: Sat, 26 Nov 2022 13:47:24 GMT Etag: "6380c64e-116" Expires: Sun, 27 Nov 2022 14:43:45 GMT Last-Modified: Fri, 25 Nov 2022 13:42:38 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: e83533519b59a0575bc36a368e8ae3f0 Sha1: ba48ddbcb69efb7d3c8b43917ce3f3c01587da69 Sha256: 558cfc5bc388eddc7aa8c672355f98b92ba4674019471059de80533b53444ec4
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js FQDN: ajax.googleapis.com IP: 172.217.21.170 HASH: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f 172.217.21.170 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31021 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 25 Nov 2022 08:46:23 GMT expires: Sat, 25 Nov 2023 08:46:23 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 104461 last-modified: Fri, 08 May 2020 07:05:03 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 31021 Md5: 903bc7a7e510f87aa5d0201eb59a0832 Sha1: ac9aa4dd94cde1bcba9037e94087138b127e41fc Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
GET /7.21.1/bundle.es5.min.js HTTP/1.1 Host: browser.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: browser.sentry-cdn.com/7.21.1/bundle.es5.min.js FQDN: browser.sentry-cdn.com IP: 151.101.66.217 HASH: 3721238a0def27bd8523c1d7e917f469ccf2e5a8d4361755d2e02be616981050 151.101.66.217 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 cache-control: public, max-age=31536000 expires: Thu, 23 Nov 2023 17:02:22 GMT last-modified: Wed, 23 Nov 2022 11:53:26 GMT etag: "66704d64b742c25f1edefdf90adf3f2f" content-encoding: gzip accept-ranges: bytes date: Sat, 26 Nov 2022 13:47:24 GMT age: 247502 vary: Accept-Encoding access-control-allow-origin: * server: Fastly strict-transport-security: max-age=31536000; includeSubDomains content-length: 20162 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (62012) Size: 20162 Md5: 66704d64b742c25f1edefdf90adf3f2f Sha1: 5f54e6f7e7e066f91aa129fa2a877618916aacb1 Sha256: 3721238a0def27bd8523c1d7e917f469ccf2e5a8d4361755d2e02be616981050
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14810 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14810 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14810 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14810 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14810 Expires: Sat, 26 Nov 2022 17:54:14 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 15818 x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLXrUF3bIAMF8CA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 22:17:55 GMT age: 55769 etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15818 Md5: 17ebe470d040a6ea8c57e9b9d4f4e828 Sha1: 1ac7a410cd4f3709f476c776dd5646dd982dcfa8 Sha256: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 9a714c1d65b8266da215aae616a3a4b4b1999c1f44a5015a49d33bb2e2576bcc 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A714C1D65B8266DA215AAE616A3A4B4B1999C1F44A5015A49D33BB2E2576BCC" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3839 Expires: Sat, 26 Nov 2022 14:51:23 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: e06a8dc90630612579b6720d2a6d530a Sha1: f83ff0f2d1925d7757f9afd075311eef7d07179a Sha256: 9a714c1d65b8266da215aae616a3a4b4b1999c1f44a5015a49d33bb2e2576bcc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9914 x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLVVFHQYIAMFc4Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: qKxrYxVsJWOXAbrn6IpwLycF3rknFLkQeDyKOLq5WyflvTLeUjg_Lg== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 22:18:42 GMT age: 55722 etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9914 Md5: 3b1c6878914466cfece680fa7cb73502 Sha1: 47fac81a2dd809df5c42ca1362f71d553572d2b1 Sha256: 6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3502 x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCvYUHO5IAMFqDA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 03:55:38 GMT age: 35506 etag: "61f9bed607e81606be78285596acdc5e0e4f4994" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3502 Md5: a783df85f30f9c555f9df6b99f61744d Sha1: 61f9bed607e81606be78285596acdc5e0e4f4994 Sha256: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6789 x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLWWYFFgoAMFhaQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:46:06 GMT age: 57678 etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6789 Md5: 926df9839ec3d924b563b55d8bccace8 Sha1: c47a3884465fc02b5c57faa5ffbd986ba29c64c2 Sha256: a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9049 x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLVVGHzKoAMFSuA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:48:40 GMT age: 57524 etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9049 Md5: c8dc4b8a7e9f7f4f84f0da568b43392b Sha1: 3d32bff85cb7ec118c4496d0c3802829fdc9af3b Sha256: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8277 x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cIB-KFtmIAMF00Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: O4PtH20kVWgH-Jf_TivPqMqjnwrZB_8XvZAkDDzLLFPXVjqzkz1YJw== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:40:50 GMT age: 57994 etag: "6a8504212141af411a18ce58960c8bb52e8116ac" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8277 Md5: f59a591b222397ff0f01c22a0786e660 Sha1: 6a8504212141af411a18ce58960c8bb52e8116ac Sha256: 624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm45 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30928 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 16:40:18 GMT expires: Fri, 24 Nov 2023 16:40:18 GMT cache-control: public, max-age=31536000 age: 162426 last-modified: Mon, 11 Jul 2022 18:57:39 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Size: 30928 Md5: ac0d2859ea5f8fd6bcb3c305c08ec184 Sha1: 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 10172 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 21:20:46 GMT expires: Fri, 24 Nov 2023 21:20:46 GMT cache-control: public, max-age=31536000 age: 145598 last-modified: Mon, 18 Jul 2022 19:23:34 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data Size: 10172 Md5: 58e5c92fd1a1fc89b8ca6d74ce4793b8 Sha1: 337771c465778aeed6de18195e0cbe9d9098d299 Sha256: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1 HTTP/1.1 Host: o65532.ingest.sentry.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://her-cupid.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://her-cupid.com Content-Length: 426 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: o65532.ingest.sentry.io/api/6161109/envelope/?sentry_ke (...) FQDN: o65532.ingest.sentry.io IP: 34.120.195.249 HASH: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a 34.120.195.249 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 2 access-control-allow-origin: https://her-cupid.com access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after vary: Origin x-envoy-upstream-service-time: 0 strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 2 Md5: 99914b932bd37a50b983c5e7c90ae93b Sha1: bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
OPTIONS /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.64.138.29 HTTP/2 204 No Content date: Sat, 26 Nov 2022 13:47:24 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: content-type strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cl8dY7YzkhOSPRJ6i6WqXU%2BaBx%2BL%2Bb%2Fcw8G%2BxwHnN%2FLWkJSXWUM8JgvbT8TjMew3wXbavY25BvNBxSIt%2Bloep%2BVKAIUgE%2BxCUA2AsOUdoRWZyJAncavVWwVGNTL9IN6KTj%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7703136738e476fc-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b05606331c6f88a724d9e404e62974e4 Sha1: 72176bc6b618fbbe567b5746ed54e14d381a9815 Sha256: 7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 9a714c1d65b8266da215aae616a3a4b4b1999c1f44a5015a49d33bb2e2576bcc 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A714C1D65B8266DA215AAE616A3A4B4B1999C1F44A5015A49D33BB2E2576BCC" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3839 Expires: Sat, 26 Nov 2022 14:51:23 GMT Date: Sat, 26 Nov 2022 13:47:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: e06a8dc90630612579b6720d2a6d530a Sha1: f83ff0f2d1925d7757f9afd075311eef7d07179a Sha256: 9a714c1d65b8266da215aae616a3a4b4b1999c1f44a5015a49d33bb2e2576bcc
GET /static/AwAA/images/en/pics-for-bg/pic-1.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-1.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: f35ed3356d652ea6a4a3a437d7b4d00cdfa5a766a2cc34ea994f4c814e754a6c 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 29802 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-746a" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29802 Md5: 89bed1df07d0561082775600a7b4dffc Sha1: c1456d2202279838618660a9405f480af3042b7d Sha256: f35ed3356d652ea6a4a3a437d7b4d00cdfa5a766a2cc34ea994f4c814e754a6c Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-2.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-2.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 63008d1cf81485851d5d2136644923f9a778fcf2a4e874e5ea718fc426a02fbc 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 29526 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7356" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29526 Md5: 7a14d6654f06cf115f1bfa361b6133f4 Sha1: be7c7984440b7fca15a2dba45e9727f83c7ed5a7 Sha256: 63008d1cf81485851d5d2136644923f9a778fcf2a4e874e5ea718fc426a02fbc Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-3.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-3.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 6bdae8b55844e8ca25ad6422da39ac01f362f3ffb3bb9c8b020cfaf0b146169e 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 31946 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7cca" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 31946 Md5: 0a776348771c52ebdedbae6aec1a21bb Sha1: 6b2d5183853987c743ae74bbb8d1977e91e58542 Sha256: 6bdae8b55844e8ca25ad6422da39ac01f362f3ffb3bb9c8b020cfaf0b146169e Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-4.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-4.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: dc893e9b7abe8a4ab2cfeb8924f833fcb43a16f560e1793e8fdb906e9a6aefbb 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 31114 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-798a" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 31114 Md5: 8ff3901573b3b7571c19f57460bd64ab Sha1: ab0478e05e29ceca93cce58fcc9e628287899fe9 Sha256: dc893e9b7abe8a4ab2cfeb8924f833fcb43a16f560e1793e8fdb906e9a6aefbb Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-5.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-5.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 47aedcc05f343844b3db56c484fb5c2821d3fa4985a405ac86febe1604f6d1e5 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 29010 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7152" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29010 Md5: d0be4db567029a82f6b2abb8a598047f Sha1: 54fc8433892867b4f1b04010fda6432bfc8dc672 Sha256: 47aedcc05f343844b3db56c484fb5c2821d3fa4985a405ac86febe1604f6d1e5 Alerts: Blocklists: - fortinet: Phishing
GET /AwAA/10040/oth?i=ezIF72OCGOs&u=9080226559574546667 HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: her-cupid.com/AwAA/10040/oth?i=ezIF72OCGOs&u=9080226559 (...) FQDN: her-cupid.com IP: 54.39.22.228 HASH: 44b6102b58bbdfc4c76ad58693d1ccd097738752eaef05854984a40a91c44b82 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT access-control-allow-origin: * x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 37770 Md5: 962d7676cbfd9526ad84b916566e10fc Sha1: f1b1a9450afb0e2f7ba9e469c2be6f0d53cd7a9e Sha256: 44b6102b58bbdfc4c76ad58693d1ccd097738752eaef05854984a40a91c44b82
GET /static/AwAA/images/en/pics-for-bg/pic-7.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-7.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 43fc687f4ff9435f336a4c020dd653830c82c07a827b0cc78faae5be2076080d 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 20464 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-4ff0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 20464 Md5: 531177239b443129aa3c4a7df46587a0 Sha1: d10b5d62feac76a5023a60b1e858c152985ac781 Sha256: 43fc687f4ff9435f336a4c020dd653830c82c07a827b0cc78faae5be2076080d Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-8.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-8.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: fd71ee9e633f59c1218eb20e865121e1d0c51d31dfbe04d210ff54c2a5528ce3 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 32216 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7dd8" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 32216 Md5: ed47b38a109df684d6f47d847baba3ce Sha1: 42804d2a2f18ea6899033cb513ae25e2412be1da Sha256: fd71ee9e633f59c1218eb20e865121e1d0c51d31dfbe04d210ff54c2a5528ce3 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/3-1.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/3-1.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 480 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-1e0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 480 Md5: 37ad09484eb1a7e103c1bba69ec3408d Sha1: 950c14767d959c154d2ba2ceaa7867b8809731e5 Sha256: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2
GET /static/AwAA/3-2.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/3-2.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 535 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-217" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 535 Md5: 7621845db78d7540608060c63a721252 Sha1: b24bca5f9e3ca0daf6f0f4822d66febc5c65d169 Sha256: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1
GET /static/AwAA/images/en/pics-for-bg/pic-9.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-9.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 411c4615e4d3d050066ef0ae6ef6e69e7702bc02c0c4e267b26076a47ffd14b2 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 49118 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-bfde" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 49118 Md5: 3d3e96d7abdf026fe492e7937f2a59cc Sha1: 890ba98493246b4ced8317ffb371e95596e630ce Sha256: 411c4615e4d3d050066ef0ae6ef6e69e7702bc02c0c4e267b26076a47ffd14b2 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-10.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-10.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 70894006834d4a2a1dcb6029cd29e86f14b9a7e03e8017304669ebd3d3bfec62 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 21094 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-5266" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 21094 Md5: b914513208055760188667de39db6716 Sha1: 04ae5f3be7a1c7bea6dd09cce098ee9edef554cb Sha256: 70894006834d4a2a1dcb6029cd29e86f14b9a7e03e8017304669ebd3d3bfec62 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6405 Cache-Control: max-age=148697 Date: Sat, 26 Nov 2022 13:47:25 GMT Etag: "6381a1c1-1d7" Expires: Mon, 28 Nov 2022 07:05:42 GMT Last-Modified: Sat, 26 Nov 2022 05:18:57 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 407ca8387c360d434a53812c03688310 Sha1: 90e74fa4928adcf8ae410f2eea7956b6ae7f687b Sha256: 5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e922b25acaba2d7f8921ebe973a4b261 Sha1: 5dd4c237c84a652cbcf3db163529f3788ceafc46 Sha256: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
GET /css?family=Montserrat:100,400,700,900 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Montserrat:100,400,700,900 FQDN: fonts.googleapis.com IP: 142.250.74.10 HASH: 7eb1f4c8f00faa04a7a7c1eaf78d82276f92b3799beb859ab089edc117e6eb3a 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 26 Nov 2022 13:47:24 GMT date: Sat, 26 Nov 2022 13:47:24 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 912 Md5: d877ff06633024be8709e94349b4a968 Sha1: 6751a96c4c951cfa5212dfce48809eb39198b5cc Sha256: 7eb1f4c8f00faa04a7a7c1eaf78d82276f92b3799beb859ab089edc117e6eb3a
GET /v14.0/plugins/like.php HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.facebook.com/v14.0/plugins/like.php FQDN: www.facebook.com IP: 31.13.72.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 31.13.72.36 HTTP/2 200 OK content-type: text/html;charset=utf-8 pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} cross-origin-opener-policy: same-origin-allow-popups x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: S+6Z9UaaDZzuAdpmB9wuSFs6dHydqUiGRxHUBQy0Ga522/gtCznnKaSPg+0Yf7Y6RmsumHWWB9JdxfqYR8wScQ== content-length: 0 date: Sat, 26 Nov 2022 13:47:25 GMT priority: u=3,i alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e922b25acaba2d7f8921ebe973a4b261 Sha1: 5dd4c237c84a652cbcf3db163529f3788ceafc46 Sha256: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6003 Cache-Control: max-age=148295 Date: Sat, 26 Nov 2022 13:47:25 GMT Etag: "6381a1c1-1d7" Expires: Mon, 28 Nov 2022 06:59:00 GMT Last-Modified: Sat, 26 Nov 2022 05:18:57 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 407ca8387c360d434a53812c03688310 Sha1: 90e74fa4928adcf8ae410f2eea7956b6ae7f687b Sha256: 5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 60e7c3efee2b4d2fb45d7ddeaee81b3dcd379b3cad9774f51402f09e1dcf9cfc 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:26 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: e99fcdc3ed7523948d56cbe1c943fcf3 Sha1: 4b8a3c27fa51771c288a392441d678321d7a3717 Sha256: 60e7c3efee2b4d2fb45d7ddeaee81b3dcd379b3cad9774f51402f09e1dcf9cfc
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: accounts.google.com/ServiceLogin?continue=https://lh3.g (...) FQDN: accounts.google.com IP: 216.58.207.237 HASH: 31cf5815e73e7791c9f82081a613bd3c0779caac526ae262ad8a8691e586562c 216.58.207.237 HTTP/2 302 Found content-type: text/html; charset=UTF-8 x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sat, 26 Nov 2022 13:47:26 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S-1023299879%3A1669470446032235&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAt4VUpH2NemlMz9T-ng0Iyzhs40QtYKQ5AVZpZisgWKFWe0_C6pgKRfeMr6QZuNLfYrQ36H strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: script-src 'nonce-hL7w_2sgntiSEWW52p85zQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 410 server: GSE set-cookie: __Host-GAPS=1:fTBsaJ_qFB2gJqU0SqVSrYNsoRrzlg:1JNAHaCn5yxHV42w;Path=/;Expires=Mon, 25-Nov-2024 13:47:26 GMT;Secure;HttpOnly;Priority=HIGH alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385) Size: 410 Md5: 7a3e8096dc8b8cfd04ea27d980b29215 Sha1: 476b74498ef8a4499a4a63c0059af0c5795dd03b Sha256: 31cf5815e73e7791c9f82081a613bd3c0779caac526ae262ad8a8691e586562c
GET /static/AwAA/favicon-150x150.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/favicon-150x150.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 97a873b3ce2ab69cc38287181a190dcd90c09869c0901b5d75e8461f628bef78 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:25 GMT content-length: 7017 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-1b69" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Size: 7017 Md5: f19d6f44b496c9dedce8b96bd0f5f829 Sha1: c887ac358a0c8d6979f8b67013954aa8cf4ab1c8 Sha256: 97a873b3ce2ab69cc38287181a190dcd90c09869c0901b5d75e8461f628bef78
GET /static/AwAA/favicon-16x16.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/favicon-16x16.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:25 GMT content-length: 1264 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-4f0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 1264 Md5: fa61744c0140328a533d26bc93753134 Sha1: ea2b1d32e78280d8207a32aa6214263db134123e Sha256: 2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97
GET /static/AwAA/images/en/pics-for-bg/gif-4.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-4.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: a78e89556b22804599224527cfe8273a6edbe84d3458e9fb582079addf86011b 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 1637252 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-18fb84" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1637252 Md5: 10d4826a92e3fc1e4dbbf0be274bc061 Sha1: 9f4c667c8d1000c30789dc1f9b837803096b5b4f Sha256: a78e89556b22804599224527cfe8273a6edbe84d3458e9fb582079addf86011b Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-1.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-1.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 085be44516153804017cb6d998e5b39372a7caa480593c80f97c2c24dfab3de8 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 1270992 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-1364d0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1270992 Md5: 6e76e71ebf7277bce1079af604723e23 Sha1: c8fcbea450f77451ce8a6709c54c979e70507ca1 Sha256: 085be44516153804017cb6d998e5b39372a7caa480593c80f97c2c24dfab3de8 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-2.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-2.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: f8e38aed3d19c1771bafe0bab8e336732fcf527dae61034e4c25c66251a170ea 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 2464052 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-259934" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 2464052 Md5: 5ea931f6f8f26a124460551efe002ac4 Sha1: 36e800547ef0feaa5d7a7ac69e5a24b66c81f907 Sha256: f8e38aed3d19c1771bafe0bab8e336732fcf527dae61034e4c25c66251a170ea Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-3.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-3.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 12a310bfa2100acb12ae355b75594e42bed1e75d693778c26f1842ba5a26da04 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 1640424 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-1907e8" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1640424 Md5: c2c8cf2a99d71b95804d661f795b5ce9 Sha1: 5ca43250f3c7bc1a67295381f430df71bffa3a6f Sha256: 12a310bfa2100acb12ae355b75594e42bed1e75d693778c26f1842ba5a26da04 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-center-bottom-ql.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-cen (...) FQDN: her-cupid.com IP: 54.39.22.228 HASH: d977d9f29ccba9faae1ffea2dd6b1fa30a8194abe92cec1a4c2fee8dbca18e13 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT content-length: 1031120 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-fbbd0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1031120 Md5: ed3e40b68948820502bbf1716eae56b2 Sha1: 50ae8497f4d8bea52c4cb2c0177bc5be25c8b263 Sha256: d977d9f29ccba9faae1ffea2dd6b1fa30a8194abe92cec1a4c2fee8dbca18e13 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 728f4654e1badc144b372da0c0702d5df3a144294c911044cdb5b4422d35ecab 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5334 Cache-Control: max-age=113058 Date: Sat, 26 Nov 2022 13:47:27 GMT Etag: "63811abb-139" Expires: Sun, 27 Nov 2022 21:11:45 GMT Last-Modified: Fri, 25 Nov 2022 19:42:51 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 313 --- Additional Info --- Magic: data Size: 313 Md5: 663efebb4da0e71a1457c18229df400e Sha1: e4525ba77f185ae9694485fb65508486387e36b3 Sha256: 728f4654e1badc144b372da0c0702d5df3a144294c911044cdb5b4422d35ecab
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 310 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 HASH: 7f141b6b56f510fc793c35a5c522e2767d043bfe6c8e0d79daa05f673534dc7e 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:24 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 523 Md5: 30d193328f26484303d688b637cdb163 Sha1: 19ed7f5275bd038b48f24e71658f6ad26ca741d7 Sha256: 7f141b6b56f510fc793c35a5c522e2767d043bfe6c8e0d79daa05f673534dc7e Alerts: Blocklists: - fortinet: Phishing
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pornhub.com/video/manage?o=mr&t=pr2 FQDN: pornhub.com IP: 66.254.114.41 HASH: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691 66.254.114.41 HTTP/2 301 Moved Permanently content-type: text/html server: openresty date: Sat, 26 Nov 2022 13:47:27 GMT content-length: 166 location: https://www.pornhub.com/video/manage?o=mr&t=pr2 x-frame-options: SAMEORIGIN rating: RTA-5042-1996-1400-1577-RTA set-cookie: __s=638218EF-42FE722901BBAFBE-9873934; Secure; Samesite=None __l=638218EF-42FE722901BBAFBE-9873934; Secure; Samesite=None; Max-Age=31556926 strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 638218EF-42FE722901BBAFBE-9873934 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 166 Md5: 3ea1c8d079b38532a6e01a96216ba5e2 Sha1: 598d3ff91d3e252f1e13df8cf0348b270ff2da3f Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /user/security/1111 HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/user/security/1111 FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 66.254.114.33 HTTP/1.1 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 13:47:27 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 13:47:27 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Sat, 03-Dec-2022 13:47:27 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly bs=kdkbjcgy124sa2yoa98xkfv2kbfkmzbi; expires=Tue, 23-Nov-2032 13:47:27 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None ss=270648673245442860; expires=Sun, 26-Nov-2023 13:47:27 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1026 location: https://www.pornhubpremium.com/premium/login?redirect=QkDz_6sQdvbxtPpfOZx-aWbSa4rvZeFOpx1fCd-UemDQxZ2sNnMGUqX2tkh6uZ_N x-frame-options: SAMEORIGIN vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 638218EF-42FE722101BBC910-9DE9848 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /premium/login?redirect=QkDz_6sQdvbxtPpfOZx-aWbSa4rvZeFOpx1fCd-UemDQxZ2sNnMGUqX2tkh6uZ_N HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=kdkbjcgy124sa2yoa98xkfv2kbfkmzbi Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/premium/login?redirect=QkDz_6sQd (...) FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: 23aaccb36088f4ca5e45fbf003ab45eaade968d5feee3c1f4206d5a299ac461b 66.254.114.33 HTTP/1.1 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 13:47:27 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 13:47:27 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Sat, 03-Dec-2022 13:47:27 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly ss=523552650303680035; expires=Sun, 26-Nov-2023 13:47:27 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly fg_0d2ec4cbd943df07ec161982a603817e=26416.100000; expires=Mon, 26-Dec-2022 13:47:27 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Mon, 26-Dec-2022 13:47:27 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 638218EF-42FE722101BBC910-9DE98B8 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404) Size: 7793 Md5: 874781ca73221e9143e0c4a3fda5c4d9 Sha1: 43e923b7a13a49ac8e1435f121fe0866416ab816 Sha256: 23aaccb36088f4ca5e45fbf003ab45eaade968d5feee3c1f4206d5a299ac461b
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 13:47:28 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 07:48:04 GMT Expires: Sat, 03 Dec 2022 07:48:03 GMT Etag: "f66d108422d188602530372875d7beac8327ef5e" Cache-Control: max-age=582634,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7703137b59b6b4f3-OSL --- Additional Info --- Magic: data Size: 471 Md5: 00eea5bdd305068f54a53a0311504c7f Sha1: f66d108422d188602530372875d7beac8327ef5e Sha256: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8
GET /favorite/90902157/mk_1123 HTTP/1.1 Host: www.xvideos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.xvideos.com/favorite/90902157/mk_1123 FQDN: www.xvideos.com IP: 185.88.181.6 HASH: e631fbfc8db690296ba000038473a9b8553bb4e029a529de964fadb43cbfb9b3 185.88.181.6 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Date: Sat, 26 Nov 2022 13:47:28 GMT P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com .trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com .addthis.com .addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ .hwcdn.net fcm.googleapis.com .nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com .googleapis.com .cdn77.org .pingdom.net .exoclick.com .exosrv.com .realsrv.com .orbsrv.com .exdynsrv.com .ackcdn.net .afcdn.net .aucdn.net .adtng.com .adglare.net adinvent.engine.adglare.net .bngpt.com bngpt.com .trafficjunky.net .ohmybutt.com .flirt4free.com .xlovecam.com .wlresources.com .medleyads.com .cams.com .acdn5165543.com .protoawe.com .google-analytics.com livejasmin.com .livejasmin.com .jsmcrptjmp.com .awemwh.com .promo-bc.com .bongacams.com .bongacash.com .gammae.com .servingmillions.com .super-route.com cdn01.flashmediaportal.com engine.asf4f.us .htdvt.com .jerkmate.com .vfgtb.com .hytxg2.com .awemdia.com .cfgr3.com .ajxx98.online .sf4f.us .adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com .smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com .bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com .xxxjmp.com .feelpornx.com .crjugate.com .hqscene.com .xlviirdr.com adulttime.xxx .adulttime.xxx .javhd.com .doppiocdn.com .videosworks.com xlivrdr.com .xlivrdr.com .servetraff.com .adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us .livejasmin.com .jsmcrptjmp.com .awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com .hwcdn.net .trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com .nk-img.com .camster.com .vscdns.com .doubleclick.net .google.fr .google.com .exoclick.com .exosrv.com .realsrv.com .exdynsrv.com .ackcdn.net .afcdn.net *.aucdn.net bmedia.justservingfiles.net; Referrer-Policy: no-referrer-when-downgrade Set-Cookie: session_token=5b54e988246cb8d9Aq4rscISrLBiFIsxPXnVYcmdmmu6XypnM2J5Krv5Wz9mnVQRfnbw8Kwa7AEN9Uv4e8bQS_DQ4Mx7J8RZb4iOsDWzNsxKD1e8CGsidsP32V-EuqD1ozqLswGsrgmbj9T5_tA8CQEuX4JbxqnF6m4hGN2pR4GL_ERJ4Dtg8xRbKcAbEsX7FCfFv1cARfYfmeis; expires=Mon, 26-Dec-2022 13:47:28 GMT; Max-Age=2592000; path=/; domain=.xvideos.com _ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com Transfer-Encoding: chunked Server: nginx --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8644) Size: 25817 Md5: 9734121ca7d7eae7539adebf8c083a44 Sha1: 940d6d54d83063fa9c556d00055e19b3d9c42d2b Sha256: e631fbfc8db690296ba000038473a9b8553bb4e029a529de964fadb43cbfb9b3
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 383 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoibG9hZCIsImRhdGEiOnsicmVzcG9uc2VTdGFydCI6MTY4NCwiZG9tSW50ZXJhY3RpdmUiOjIwMDMsImRvbUNvbXBsZXRlIjo1MTc0fSwibHVpZCI6OTYxMDYxNTkxNTU4fQ==; userid=fea28021090014438e29caa042e2245112cb67bdb9b6ca21ef3a90e1557d9d7ea%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A961061591558%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 HASH: 68e48524ccff22fb91ea207fee78e8ae08317417fb0c5afd127932d9b294d795 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:28 GMT access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- data Size: 4563 Md5: c28122e1cf216b83aac609fa77a244e9 Sha1: c76efaad011ae8d669eb0c882f1f98619ebe5b07 Sha256: 68e48524ccff22fb91ea207fee78e8ae08317417fb0c5afd127932d9b294d795 Alerts: Blocklists: - fortinet: Phishing
GET /cdn/push.min.js HTTP/1.1 Host: cdnjam.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdnjam.com/cdn/push.min.js FQDN: cdnjam.com IP: 104.21.58.242 104.21.58.242 HTTP/2 200 OK content-type: application/x-javascript date: Sat, 26 Nov 2022 13:47:24 GMT content-security-policy: block-all-mixed-content etag: W/"44c9e373bc246e347c8420a2eb8f54d4" last-modified: Mon, 06 Jun 2022 20:30:35 GMT strict-transport-security: max-age=15724800; includeSubDomains vary: Origin, Accept-Encoding x-amz-request-id: 16F62D8C82243EE0 x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: max-age=14400 cf-cache-status: HIT age: 6220 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66vpfz25oa8O%2B2Ll%2BhAJ%2F0Tgc3KM5Ci011XowvAajf0C2jFWj07CxjzINHyV%2BnP%2Bmuno2UznMQCQiyKULTd0CfF2SMidDNYgIHDHlL0wbx2GRUlSEFi8932kT1F%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 77031365eb5efac4-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Oswald:700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Oswald:700 FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 26 Nov 2022 13:47:24 GMT date: Sat, 26 Nov 2022 13:47:24 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
POST /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 174 Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 172.64.138.29 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 13:47:24 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZtPTky6222p%2FLlUwIYsSnISDLLu%2B1B3XtoSA0rVm2COW13Rgq61Ohd4h2Gim9JEgQ%2FvtIeu9IfJYcMA06LCbAtrEh2UrSWY6DyYT6GmJIwG0BUfsDCIzc6GHhGBEjc8K1vu"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 77031367ea3176fc-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 319 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9LCJsdWlkIjo5NjEwNjE1OTE1NTh9; userid=fea28021090014438e29caa042e2245112cb67bdb9b6ca21ef3a90e1557d9d7ea%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A961061591558%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:28 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /v3/signin/identifier?dsh=S-1023299879%3A1669470446032235&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAt4VUpH2NemlMz9T-ng0Iyzhs40QtYKQ5AVZpZisgWKFWe0_C6pgKRfeMr6QZuNLfYrQ36H HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: accounts.google.com/v3/signin/identifier?dsh=S-10232998 (...) FQDN: accounts.google.com IP: 216.58.207.237 216.58.207.237 HTTP/2 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sat, 26 Nov 2022 13:47:26 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-MHHdBKoYtW9XwVrFN5bCyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist cross-origin-opener-policy-report-only: same-origin accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 318 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaCI6ImZhbHNlIn0sImx1aWQiOjk2MTA2MTU5MTU1OH0=; userid=fea28021090014438e29caa042e2245112cb67bdb9b6ca21ef3a90e1557d9d7ea%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A961061591558%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:28 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /user-id?nbl=&impression=ezIF72OCGOs&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FAwAA%2F10040%2Foth%3Fi%3DezIF72OCGOs%26u%3D9080226559574546667&search=%3Fi%3DezIF72OCGOs%26u%3D9080226559574546667&contactExists=false HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Cookie: slappInfo64_ezIF72OCGOs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJleklGNzJPQ0dPcyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3Iiwic2VhcmNoIjoiP2k9ZXpJRjcyT0NHT3MmdT05MDgwMjI2NTU5NTc0NTQ2NjY3IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/user-id?nbl=&impression=ezIF72OCGOs&trust (...) FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 13:47:26 GMT set-cookie: userid=fea28021090014438e29caa042e2245112cb67bdb9b6ca21ef3a90e1557d9d7ea%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A961061591558%3B%7D; expires=Mon, 27-Nov-2023 10:04:06 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info ---
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/video/manage?o=mr&t=pr2 FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 13:47:27 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 13:47:27 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Sat, 03-Dec-2022 13:47:27 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure bs=k8vkce5ms12wx36cafb05vdj7er0i021; expires=Tue, 23-Nov-2032 13:47:27 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None ss=527408622321169912; expires=Sun, 26-Nov-2023 13:47:27 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=21147.100000; expires=Mon, 26-Dec-2022 13:47:27 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=638218EF-42FE722901BBAFBE-987398D; Secure; Samesite=None __l=638218EF-42FE722901BBAFBE-987398D; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1041 location: /login vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 638218EF-42FE722901BBAFBE-987398D X-Firefox-Spdy: h2 --- Additional Info ---

Overview

Domain Summary (27)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.159.164

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: dateexotic.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (91)

Overview

Domain Summary (27)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.159.164

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: dateexotic.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (91)

Network Intrusion Detection Systems