1d6cfcf9872.tcleads.net/
94.237.103.119200 OK 419 B IP 94.237.103.119:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (312)
Hash 391676e141d54126fe99444430782f2e
799a58fa3d5393d0197f6c87c3553f80e95a5c18
bc88e3c90acfc5fa18223253c2f1b3dbb86758df5bb7f196d61798b309748372
GET / HTTP/1.1
Host: 1d6cfcf9872.tcleads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 15:57:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Set-Cookie: rts-trck=1; expires=Sun, 11-Dec-2022 16:07:14 GMT; Max-Age=600; path=/; domain=1d6cfcf9872.tcleads.net
t-uuid=5x7fier5iaurlnwe9dlc8w0ss; expires=Sat, 11-Dec-2032 15:57:14 GMT; Max-Age=315619200; path=/; domain=.tcleads.net
rts-trck=1; expires=Sun, 11-Dec-2022 16:07:14 GMT; Max-Age=600; path=/; domain=1d6cfcf9872.tcleads.net
traffic-back=ok; expires=Sun, 11-Dec-2022 15:57:44 GMT; Max-Age=30; path=/; domain=.tcleads.net
Last-Modified: Sun, 11 Dec 2022 15:57:14 GMT
Expires: Sun, 11 Dec 2022 15:57:14 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12950
Expires: Sun, 11 Dec 2022 19:33:04 GMT
Date: Sun, 11 Dec 2022 15:57:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12371
Expires: Sun, 11 Dec 2022 19:23:25 GMT
Date: Sun, 11 Dec 2022 15:57:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 11 Dec 2022 15:08:31 GMT
content-type: application/json
age: 2923
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2607
Expires: Sun, 11 Dec 2022 16:40:41 GMT
Date: Sun, 11 Dec 2022 15:57:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PmrOO5cIG2h4pi8wPdsRUP1vXs6qGebLy3HNNNBjOCns2Ixx123OhfoGyLuf9Wpu0GutdzDngi4=
x-amz-request-id: DBQW9SHHJY2DA45J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 11 Dec 2022 15:49:15 GMT
age: 479
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Dec 2022 15:57:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 11 Dec 2022 15:33:16 GMT
age: 1438
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
brko.admobe.com/gsdagsdag/gsdagasd/?utm_source=1080&utm_campaign=11211032&clck=5x7fier5c32jz9qlhhwowoowk,16543791,5,&sid=
107.20.106.95302 Moved Temporarily 142 B URL HTTP/1.1 brko.admobe.com/gsdagsdag/gsdagasd/?utm_source=1080&utm_campaign=11211032&clck=5x7fier5c32jz9qlhhwowoowk,16543791,5,&sid=
IP 107.20.106.95:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /gsdagsdag/gsdagasd/?utm_source=1080&utm_campaign=11211032&clck=5x7fier5c32jz9qlhhwowoowk,16543791,5,&sid= HTTP/1.1
Host: brko.admobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Sun, 11 Dec 2022 15:57:14 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://setupquickoverlyinfo-file.info/AwR4W9Y0QIvZOc5KY6gJGcNl8ml7ZKa63cuRV8YFs6w?clck=5x7fier5c32jz9qlhhwowoowk,16543791,5,&sid=
Access-Control-Allow-Origin: *
Server: nginx
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e12bb655426d080117693ba116f398cf
8fe1f7f8d0b191baed2decba3523656da97077f5
2c25ba0d1c806de98d5489934acd8e2f17487e4f7e40c7f0d39094ce49f91b8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2087
Cache-Control: max-age=150268
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:15 GMT
Etag: "63959db0-1d7"
Expires: Tue, 13 Dec 2022 09:41:43 GMT
Last-Modified: Sun, 11 Dec 2022 09:06:56 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.200.107.47101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.107.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZcA1ePXNgloyiSp1rnxUVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5hhbKoJM28R1mqIN1DhfwZrDKSM=
setupquickoverlyinfo-file.info/AwR4W9Y0QIvZOc5KY6gJGcNl8ml7ZKa63cuRV8YFs6w?clck=5x7fier5c32jz9qlhhwowoowk,16543791,5,&sid=
3.226.146.143302 Moved Temporarily 142 B URL HTTP/1.1 setupquickoverlyinfo-file.info/AwR4W9Y0QIvZOc5KY6gJGcNl8ml7ZKa63cuRV8YFs6w?clck=5x7fier5c32jz9qlhhwowoowk,16543791,5,&sid=
IP 3.226.146.143:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
Analyzer Verdict Alert quad9 Sinkholed
GET /AwR4W9Y0QIvZOc5KY6gJGcNl8ml7ZKa63cuRV8YFs6w?clck=5x7fier5c32jz9qlhhwowoowk,16543791,5,&sid= HTTP/1.1
Host: setupquickoverlyinfo-file.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Sun, 11 Dec 2022 15:57:15 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: https://track.gositego.live/click?pid=3664&offer_id=17742&sub1=MlKD3YVdjWVK7d2Ta9bs9xkBf5KcKP5O&sub2=
Set-Cookie: session=MlKD3YVdjWVK7d2Ta9bs9xkBf5KcKP5O
Server: nginx
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 98533423b37be2813a5e798eb710ad10
3ce63f547452a8a1cd1fbc35c34e9d7021e66395
93a636ac5db7f246a34a9f39db9fd3db5e0cbb1eef38dddb6861387120e5e948
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 15:57:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Dec 2022 15:34:04 GMT
Expires: Sat, 17 Dec 2022 15:34:03 GMT
Etag: "3ce63f547452a8a1cd1fbc35c34e9d7021e66395"
Cache-Control: max-age=516407,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 777f6a3d1d881c16-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2ee3edebba28ce50b04a430999d33242
bcd57d5a63ce74b333b97dc5c973948952791e6b
f28f175d7d77d9f7e2cc46c947f44ed7563eb68a10d3759c24d290b912abb0fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F28F175D7D77D9F7E2CC46C947F44ED7563EB68A10D3759C24D290B912ABB0FA"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1956
Expires: Sun, 11 Dec 2022 16:29:52 GMT
Date: Sun, 11 Dec 2022 15:57:16 GMT
Connection: keep-alive
startd0wnload22x.com/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3664_&s3=6395fddc081c500001b6525b
188.72.236.34200 OK 5.9 kB URL HTTP/1.1 startd0wnload22x.com/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3664_&s3=6395fddc081c500001b6525b
IP 188.72.236.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5876), with no line terminators
Hash 0eeae1928b997e0103cf425c719b1d38
ec80b503ec4b21e15155139ef36016f38633258f
7a4a51d52c0bdc2f901bd76e77a53794d7ca9047f312cf3da89f54958b973c6a
GET /GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3664_&s3=6395fddc081c500001b6525b HTTP/1.1
Host: startd0wnload22x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Dec 2022 15:57:16 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bd_context=kDY3zM/QdSbzhLRLm19rd+rLf/1y1ykGAnhUE17LuFa5A5dw9K8ocoBC4yrX49c0iQhdoyQeFCznN1W/Mk7bGiN9WnZ+QePyU8OfPFDe4dyFMhFC/iOkkEwXuL0NIsd9/TspzJ7TIuWX5W3MZ9oSicSfWMjmvYRsfSpfyXvQNuIqUu9J3c+ChOboq3nGLFs+FVCVIY0EmuX5QdZJCqKAt1ptP9WmF+Eu59UT9eZPD9xbbHxNXNDCShCJ6ZbcEU8NKris2WyR5c9VPMOwLfNUm0CSP5csRXnB+tS3Z3OHJrsfIQ+E5FRyMllikV7ZHt50wr1lA7654ZWcWA==; Expires=Mon, 11 Dec 2023 15:57:16 GMT
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76f079c96685d73087dc97145d4b7932
51e39fc6426ef67287f3676fde12f65acca40a0e
8af1b2b96f60f4ea2331735f7a6913383bd20e8b54839cdae9ae7612a816b1b7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AF1B2B96F60F4EA2331735F7A6913383BD20E8B54839CDAE9AE7612A816B1B7"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1862
Expires: Sun, 11 Dec 2022 16:28:18 GMT
Date: Sun, 11 Dec 2022 15:57:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76f079c96685d73087dc97145d4b7932
51e39fc6426ef67287f3676fde12f65acca40a0e
8af1b2b96f60f4ea2331735f7a6913383bd20e8b54839cdae9ae7612a816b1b7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AF1B2B96F60F4EA2331735F7A6913383BD20E8B54839CDAE9AE7612A816B1B7"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15710
Expires: Sun, 11 Dec 2022 20:19:06 GMT
Date: Sun, 11 Dec 2022 15:57:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13061
Expires: Sun, 11 Dec 2022 19:34:57 GMT
Date: Sun, 11 Dec 2022 15:57:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13061
Expires: Sun, 11 Dec 2022 19:34:57 GMT
Date: Sun, 11 Dec 2022 15:57:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13061
Expires: Sun, 11 Dec 2022 19:34:57 GMT
Date: Sun, 11 Dec 2022 15:57:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13061
Expires: Sun, 11 Dec 2022 19:34:57 GMT
Date: Sun, 11 Dec 2022 15:57:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78068ece5c05e5936bfc1eac61c627f8
0c1118eaf153c16f6bcb731767b1237ee72a5541
9b7f84ec789ec853dc463e5839c63d8395e8921cc0599b8b7e694eebb1d22b9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92a308f9-a83f-41bd-aacf-c6bd9e6eaf11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6850
x-amzn-requestid: a7a24880-17cf-4873-9da2-1cdedb1d351b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csWC5GsFIAMF_jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6a12-186b17d55261c18243dc0302;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:00:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0o7IBdTij9xmRQK0w1ErdgWrwkWJIILBJKtd0nwmQGDurfi_VQN1iw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 13:56:19 GMT
age: 7257
etag: "0c1118eaf153c16f6bcb731767b1237ee72a5541"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WNDIG6TS5ADSskNQmMZjuNmw03SwD_NfSBHNFKVkeU0lVM3b9MGKUw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 15:33:11 GMT
age: 1445
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5cde719-15a8-4518-857a-e707925d9d79.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5cde719-15a8-4518-857a-e707925d9d79.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4b7b4b35c18ae104bb42146c3c02326
9067f637f60c3c00f4fb87f42e87cb9b870224e7
79f73d86a26383d70f68d4c4305aa47a3fbf32ee442628cfa86d2e6e354e4fe2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5cde719-15a8-4518-857a-e707925d9d79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10219
x-amzn-requestid: 118fcb2a-40f6-47c2-a79e-5167a437bde6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c7PKbH-lIAMFu9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63945f0f-75dbdacc071960480fb27feb;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 10:27:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zON-JbbFnQBYzfW6L1pZKEnGKgQV8YrMEf1lPIhwNFkEc2wjukCYHA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:38:41 GMT
etag: "9067f637f60c3c00f4fb87f42e87cb9b870224e7"
content-type: image/jpeg
age: 65915
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SG-8rL_rUN3MpXHhkAaHmIqKf7mSHtv0kEAkBOAIPcqq755Qh-mc3Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:38:41 GMT
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
age: 65915
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0c96af-c60d-4600-85fc-ee30b7a0c931.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0c96af-c60d-4600-85fc-ee30b7a0c931.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f01260130a9ea66e994137a2ac221122
85e58c55619e2cc855ff9dc5861e70be682bb247
987e83bd21ee86ba8384e5b28ab4e5536fc17c290d2e34f31734358208b246c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0c96af-c60d-4600-85fc-ee30b7a0c931.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4526
x-amzn-requestid: 3b956935-0d79-4261-845f-df3684758cd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c83HuGTDIAMF77g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950564-759a4eec01b8fa2e6ced2fb1;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:17:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: b-4z9EOV7HU3RuLlDd0NF5-AEB14E1dL6WHbSy0dzNKoVKhABaqAYw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 13:40:21 GMT
age: 8215
etag: "85e58c55619e2cc855ff9dc5861e70be682bb247"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaa3b191-2ccf-43a7-98dc-75eb1a8968b6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaa3b191-2ccf-43a7-98dc-75eb1a8968b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a1d9ee9604803ac5d63a3806a2ef506
6c378dcff1d9fe7585312bed9dad74a64730f9e0
a3a99498c052c9b998816dd688a9a790fd5b59b9c9f8017af7591cd5537f72d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaa3b191-2ccf-43a7-98dc-75eb1a8968b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11520
x-amzn-requestid: 02c1a493-e1bb-4db4-a628-d8c79def1607
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xTBEAxoAMF7Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc13-4f35a8f837675761185ce4ad;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PEeF3P6XjtEsFq418c-VrkvkTetvPYmgqX2iPy4nu8YIXwOx8FLU0g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:38:41 GMT
etag: "6c378dcff1d9fe7585312bed9dad74a64730f9e0"
content-type: image/jpeg
age: 65915
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
funkydaters.com/static/js/build/bd.js
104.21.83.86200 OK 4.0 kB URL HTTP/2 funkydaters.com/static/js/build/bd.js
IP 104.21.83.86:0
File type ASCII text, with very long lines (8033)
Hash 502ff1b63d6355afae0feb055f0b5813
578f97464203c8baeb21d1761dd6a74ba727cef5
0e8d054b6b48286db115c30c138727bd6aa4a1d24b705dece7a59b1a0151e58f
GET /static/js/build/bd.js HTTP/1.1
Host: funkydaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://funkydaters.com/nwAA?prid=ANz9lWMPKgUAmFYCAE5PFwAMACRcqm4A&usid=338447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Dec 2022 15:57:16 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 777f6a42af95b51d-OSL
age: 148945
etag: W/"static/js/build/bd.3ad9d77bdd.js"
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCXH13L12EKR8QQSXLEtktOb4KsJYZ7%2FjT5CcYakIRMdFBO0KEIXkd5LzW4p4GejcxBrDBnr9j9FNhgw72Eo8p06mZpBV0k2IukMiy%2BHJGjtgXIZdd1ZkM8h20g7l2W20uc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
alexatracker.com/?r=aHR0cHM6Ly93d3cyLmZ1bmt5ZGF0ZXJzLmNvbS9ud0FBP3ByaWQ9QU56OWxXTVBLZ1VBbUZZQ0FFNVBGd0FNQUNSY3FtNEEmdXNpZD0zMzg0NDcmYmRhdGE9ZXlKa1lYUmhJanA3SW5Cc1lYUm1iM0p0SWpvaVRHbHVkWGdnZURnMlh6WTBJbjBzSW1WNGRISmhJanA3SWs1aGRtbG5ZWFJ2Y2k1d2JHRjBabTl5YlNJNld5Sk1hVzUxZUNCd2JHRjBabTl5YlNCaGJtUWdWMmx1Wkc5M2N5QjFjMlZ5SUdGblpXNTBJR1J2SUc1dmRDQnRZWFJqYUNKZGZTd2laWEp5YjNKeklqcDdJbWxtY21GdFpTSTZXeUpqWVc0bmRDQmhZMk5sYzNNZ2NISnZjR1Z5ZEhrZ1hDSmhjSEJsYm1SRGFHbHNaRndpTENCa2IyTjFiV1Z1ZEM1aWIyUjVJR2x6SUc1MWJHd2lYU3dpWTJGdWRtRnpYMk52Ym5SbGVIUWlPbHNpUm1GcGJHVmtJSFJ2SUdkbGRDQmpZVzUyWVhNZ1kyOXVkR1Y0ZENKZGZTd2lZbTkwVTJOdmNtVWlPaUl5TkNKOQ%3D%3D&h=e5a4d842188b04124a6d9d355871a55d
172.67.204.112301 Moved Permanently 0 B URL HTTP/2 alexatracker.com/?r=aHR0cHM6Ly93d3cyLmZ1bmt5ZGF0ZXJzLmNvbS9ud0FBP3ByaWQ9QU56OWxXTVBLZ1VBbUZZQ0FFNVBGd0FNQUNSY3FtNEEmdXNpZD0zMzg0NDcmYmRhdGE9ZXlKa1lYUmhJanA3SW5Cc1lYUm1iM0p0SWpvaVRHbHVkWGdnZURnMlh6WTBJbjBzSW1WNGRISmhJanA3SWs1aGRtbG5ZWFJ2Y2k1d2JHRjBabTl5YlNJNld5Sk1hVzUxZUNCd2JHRjBabTl5YlNCaGJtUWdWMmx1Wkc5M2N5QjFjMlZ5SUdGblpXNTBJR1J2SUc1dmRDQnRZWFJqYUNKZGZTd2laWEp5YjNKeklqcDdJbWxtY21GdFpTSTZXeUpqWVc0bmRDQmhZMk5sYzNNZ2NISnZjR1Z5ZEhrZ1hDSmhjSEJsYm1SRGFHbHNaRndpTENCa2IyTjFiV1Z1ZEM1aWIyUjVJR2x6SUc1MWJHd2lYU3dpWTJGdWRtRnpYMk52Ym5SbGVIUWlPbHNpUm1GcGJHVmtJSFJ2SUdkbGRDQmpZVzUyWVhNZ1kyOXVkR1Y0ZENKZGZTd2lZbTkwVTJOdmNtVWlPaUl5TkNKOQ%3D%3D&h=e5a4d842188b04124a6d9d355871a55d
IP 172.67.204.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?r=aHR0cHM6Ly93d3cyLmZ1bmt5ZGF0ZXJzLmNvbS9ud0FBP3ByaWQ9QU56OWxXTVBLZ1VBbUZZQ0FFNVBGd0FNQUNSY3FtNEEmdXNpZD0zMzg0NDcmYmRhdGE9ZXlKa1lYUmhJanA3SW5Cc1lYUm1iM0p0SWpvaVRHbHVkWGdnZURnMlh6WTBJbjBzSW1WNGRISmhJanA3SWs1aGRtbG5ZWFJ2Y2k1d2JHRjBabTl5YlNJNld5Sk1hVzUxZUNCd2JHRjBabTl5YlNCaGJtUWdWMmx1Wkc5M2N5QjFjMlZ5SUdGblpXNTBJR1J2SUc1dmRDQnRZWFJqYUNKZGZTd2laWEp5YjNKeklqcDdJbWxtY21GdFpTSTZXeUpqWVc0bmRDQmhZMk5sYzNNZ2NISnZjR1Z5ZEhrZ1hDSmhjSEJsYm1SRGFHbHNaRndpTENCa2IyTjFiV1Z1ZEM1aWIyUjVJR2x6SUc1MWJHd2lYU3dpWTJGdWRtRnpYMk52Ym5SbGVIUWlPbHNpUm1GcGJHVmtJSFJ2SUdkbGRDQmpZVzUyWVhNZ1kyOXVkR1Y0ZENKZGZTd2lZbTkwVTJOdmNtVWlPaUl5TkNKOQ%3D%3D&h=e5a4d842188b04124a6d9d355871a55d HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://funkydaters.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 11 Dec 2022 15:57:17 GMT
content-length: 0
location: https://www2.funkydaters.com/nwAA?prid=ANz9lWMPKgUAmFYCAE5PFwAMACRcqm4A&usid=338447&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=8999179281159814621&c=2065772569
set-cookie: trbarid=8999179281159814621;expires=Tue, 10 Dec 2024 15:57:17 GMT;secure;HttpOnly;SameSite=None;path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Zii69lql67Ltwa33C1CL7pVAfzjXqjMWS63rKLt8wViEYFfjwwtN445fEX2d63UCLzoMugmcX%2BD1GMDXohnr9zBnJLUtc7zv24nXhcG34vyiSNY8qd%2FxAFnLtYYZtcvE%2BUs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 777f6a4798c7b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
IP 142.250.74.131:0
Hash 5076d3de219f7aada7c0f193bd00ed66
02687f080133e89a17cee8703e9ef0a0e8c2d079
ba3d1dc274701b7761f26da3fa42ba5577640f89e0f9e781df4a15dd1693c824
POST /s/gts1p5/Ixty6-fFKeo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 148cf224470f6c80685cbb807e526f83
d02cd85bbbe8c569084f74ad82e6b3eb2d19f7ad
34bb139c810c740a8dfdc6ec5b689108f5abbb95503526f8de7fc6d14c4c2d47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34BB139C810C740A8DFDC6EC5B689108F5ABBB95503526F8DE7FC6D14C4C2D47"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18003
Expires: Sun, 11 Dec 2022 20:57:21 GMT
Date: Sun, 11 Dec 2022 15:57:18 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js
151.101.66.217200 OK 1.0 kB URL HTTP/2 js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (512)
Hash db06df8af82b4cec615409bc6cc32d71
2035f756879bd451bea511b68b4a898228073379
6e77e37dc63249c76ffc80e775aecfcf9407c9c4660274ef3681c4ba80fdc0b0
GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1
Host: js.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 11
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Dec 2022 15:57:18 GMT
age: 46
x-served-by: getsentry-web-default-common-production-6855444f65-pm4hw, cache-bma1659-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1020
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.42200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 21:57:45 GMT
expires: Wed, 06 Dec 2023 21:57:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 410373
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/style.css
54.39.22.228200 OK 9.9 kB URL HTTP/2 her-cupid.com/static/CwAA/style.css
IP 54.39.22.228:0
File type ASCII text, with very long lines (325), with CRLF line terminators
Hash 1d2c185bd5d17acd4a3df39e9d7cb412
6e71b3678c2b6c28f970fd7927329d84462435ab
c02bad3cad8d508c6bc1820640f26a54a5a29ec7b4ebbbec97dec1b25bd697fc
GET /static/CwAA/style.css HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: text/css
content-length: 9875
last-modified: Tue, 08 Sep 2020 06:39:23 GMT
etag: "5f57271b-2693"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
browser.sentry-cdn.com/7.24.2/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.24.2/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62680)
Hash 551c02d0927c4ba053990336c36f3a64
ed6d57ba5563e7308b647a418322caad40fdb9a1
98760f96d0acb8b3c7ef2890d54780f6637dfa54259e5fe32a619fa00e0459ad
GET /7.24.2/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 21:04:45 GMT
last-modified: Wed, 07 Dec 2022 19:02:53 GMT
etag: "551c02d0927c4ba053990336c36f3a64"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Dec 2022 15:57:18 GMT
age: 327153
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20371
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 16ff4c08e1b92cf67de56a960e2c8598
282c2ce0026213136b5f242317f069ebcb602a6d
ff3336f3579b01131e493e53a3684f7b7f0e8fc5a68b78b92a8af84265b12ca4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4928
Cache-Control: max-age=150252
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Etag: "6395928a-117"
Expires: Tue, 13 Dec 2022 09:41:30 GMT
Last-Modified: Sun, 11 Dec 2022 08:19:22 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 16ff4c08e1b92cf67de56a960e2c8598
282c2ce0026213136b5f242317f069ebcb602a6d
ff3336f3579b01131e493e53a3684f7b7f0e8fc5a68b78b92a8af84265b12ca4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4928
Cache-Control: max-age=150252
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Etag: "6395928a-117"
Expires: Tue, 13 Dec 2022 09:41:30 GMT
Last-Modified: Sun, 11 Dec 2022 08:19:22 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
her-cupid.com/static/CwAA/pics-for-bg/pic-4.jpg
54.39.22.228200 OK 55 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-4.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash fa01fa59dbac8ca19bec2ea30b450486
c1d9b772a96e40adf02900f244f11cec1e48a473
ae1520feca162e3c50842ca5d42a91e94b79d77932a127241da21f789542b765
GET /static/CwAA/pics-for-bg/pic-4.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 55031
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d6f7"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Oswald:700
142.250.74.106200 OK 31 kB URL HTTP/2 fonts.googleapis.com/css?family=Oswald:700
IP 142.250.74.106:0
Hash 910b56d7240c757bec18fbfba0322e90
25aec2269c0ae925a9931d179ca53223be6b7c0f
2e1d7d7b75f160d0a3f5e1122f89b4dc69fd977630d446b8dedaaab8f04b970c
GET /css?family=Oswald:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Dec 2022 15:57:18 GMT
date: Sun, 11 Dec 2022 15:57:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d46e083dd5a499da497517d4d5ed8e8
6393137eb92a3ec2a54b9d68a0396ed49cbf1421
748fe3dd7142d87c152530f46023afcbfff0dd4c16704c458976ffa8edb32e6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "748FE3DD7142D87C152530F46023AFCBFFF0DD4C16704C458976FFA8EDB32E6D"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14864
Expires: Sun, 11 Dec 2022 20:05:02 GMT
Date: Sun, 11 Dec 2022 15:57:18 GMT
Connection: keep-alive
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
142.250.74.35200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data
Hash 58e5c92fd1a1fc89b8ca6d74ce4793b8
337771c465778aeed6de18195e0cbe9d9098d299
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:25 GMT
expires: Sat, 09 Dec 2023 13:33:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
age: 181433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 784e0439ec6be7b4ca1312cd7cfae85b
18dad06db451855d3009aa3207d868895c577666
6369a3e27c976088b4dda95da9422fdb201979fedfcb4edf9db60089fd9ea53b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.24.2
34.120.195.249200 OK 2 B URL HTTP/2 o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.24.2
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.24.2 HTTP/1.1
Host: o65532.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://her-cupid.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://her-cupid.com
Content-Length: 426
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://her-cupid.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
app.api-push.com/get-keys
172.64.162.28204 No Content 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.162.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Dec 2022 15:57:18 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rX%2Bz0dSzpAvJel2VcPozLrMfXKEhAmeX0uyLV%2BWbLUwXwpQr1hFDLMXgXzrlLjRBdmtDj1AEDxE8rzhkJs3hhvjh8gWszDxezpy3XAKwvI2qKaIVG2zGi2NVDrTCN1oVFLlk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777f6a4f4d807761-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d46e083dd5a499da497517d4d5ed8e8
6393137eb92a3ec2a54b9d68a0396ed49cbf1421
748fe3dd7142d87c152530f46023afcbfff0dd4c16704c458976ffa8edb32e6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "748FE3DD7142D87C152530F46023AFCBFFF0DD4C16704C458976FFA8EDB32E6D"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14864
Expires: Sun, 11 Dec 2022 20:05:02 GMT
Date: Sun, 11 Dec 2022 15:57:18 GMT
Connection: keep-alive
her-cupid.com/static/CwAA/pics-for-bg/pic-6.jpg
54.39.22.228200 OK 50 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-6.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash 00fc610b7933ded2593af9378c4c8379
a3a920071f0f794f6967b738758918b889fdfd6e
605996ed01380c0d76d395e65e901b14414eac8936e83dbe373cf57dd9463613
GET /static/CwAA/pics-for-bg/pic-6.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 49563
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-c19b"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/pics-for-bg/pic-8.jpg
54.39.22.228200 OK 39 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-8.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash d826b4f3a7fa924e8c571d046d1fc762
ac4c5a58d67d9a412541517c23dfca55a2f565c2
d934f9611bf8239c4ca30c4fd5401071db4843b09d658d8cb39fd5445739d879
GET /static/CwAA/pics-for-bg/pic-8.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 39107
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-98c3"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 16ff4c08e1b92cf67de56a960e2c8598
282c2ce0026213136b5f242317f069ebcb602a6d
ff3336f3579b01131e493e53a3684f7b7f0e8fc5a68b78b92a8af84265b12ca4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4928
Cache-Control: max-age=150252
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:18 GMT
Etag: "6395928a-117"
Expires: Tue, 13 Dec 2022 09:41:30 GMT
Last-Modified: Sun, 11 Dec 2022 08:19:22 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
her-cupid.com/static/CwAA/pics-for-bg/pic-10.jpg
54.39.22.228200 OK 51 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-10.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash e56961a7f01f44e3bbc9fc03dbcf2ac0
f935d9fc22696e47d78ca9d6f015969633591489
35739ae651a2091be2c373a2e3d2c86bd4583f5fd3ad96067fb1f8002ab9850d
GET /static/CwAA/pics-for-bg/pic-10.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 50780
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-c65c"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/3-1.png
54.39.22.228200 OK 480 B URL HTTP/2 her-cupid.com/static/CwAA/3-1.png
IP 54.39.22.228:0
File type PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 37ad09484eb1a7e103c1bba69ec3408d
950c14767d959c154d2ba2ceaa7867b8809731e5
1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2
GET /static/CwAA/3-1.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://her-cupid.com/static/CwAA/style.css
Cookie: slappInfo64_dwzM9WOV_d0=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJkd3pNOVdPVl9kMCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwic2VhcmNoIjoiP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/png
content-length: 480
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-1e0"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/3-2.png
54.39.22.228200 OK 535 B URL HTTP/2 her-cupid.com/static/CwAA/3-2.png
IP 54.39.22.228:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7621845db78d7540608060c63a721252
b24bca5f9e3ca0daf6f0f4822d66febc5c65d169
5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1
GET /static/CwAA/3-2.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://her-cupid.com/static/CwAA/style.css
Cookie: slappInfo64_dwzM9WOV_d0=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJkd3pNOVdPVl9kMCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwic2VhcmNoIjoiP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/png
content-length: 535
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-217"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/pics-for-bg/pic-15.jpg
54.39.22.228200 OK 48 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-15.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash 140c85c3b374c0ff0f50f83bdd87c5be
126970cdb5429e49840044bf30a6caa0cbb7b2f8
ca3c90d63dd1d7e265de801f3f51ae965530df2d699c030db3e0703ced1ba185
GET /static/CwAA/pics-for-bg/pic-15.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 47718
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-ba66"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/pics-for-bg/pic-16.jpg
54.39.22.228200 OK 45 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-16.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash 24ac863c446ae055175737a63f304206
6dad9e555a4750b540f9757804e1be210362d08b
07add9a7a985365f8831e5f04501bdef8cea86227ebaa46149474969948ceb40
GET /static/CwAA/pics-for-bg/pic-16.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 44875
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-af4b"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/pics-for-bg/pic-19.jpg
54.39.22.228200 OK 42 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-19.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash 60301767b2e95fe25371e6cd1a3eec71
88b805c652bcb60e452372cae923b27ddd2f345a
66db06fcfa31eb06172db01df625bf87d5edc4df96c69eead4fae277d61194c5
GET /static/CwAA/pics-for-bg/pic-19.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 41660
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-a2bc"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/pics-for-bg/pic-21.jpg
54.39.22.228200 OK 42 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-21.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash e6a3be4dec34551954b50f114077dd0d
8f36c2e887e8a4170528ec359b51715836e71353
603d038db14b1e0bb35ebc48e8144d17c1d9a5d261bf5414cd2cf7ea77337c57
GET /static/CwAA/pics-for-bg/pic-21.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 42527
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-a61f"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/pics-for-bg/pic-22.jpg
54.39.22.228200 OK 54 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-22.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash 62a2ff40f30e4fe6a689298d987549e1
14e60f6736e93549c767bdc27aeeae7061dc3991
7067e6c93aab43f6d10f69f4be841036419ed65fa025d2cbf62abe45b783b0b1
GET /static/CwAA/pics-for-bg/pic-22.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 53879
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d277"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/pics-for-bg/pic-23.jpg
54.39.22.228200 OK 54 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-23.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash 305c9be3df92bc9ee5d4115629c5ad8c
5cec66d98bcbca3dcf5a4c0227ec795d631d04da
65cb2c84af57882a7394295d8bfef3149dec2aadf873be01cc5db6a415ec9aab
GET /static/CwAA/pics-for-bg/pic-23.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 54527
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d4ff"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/pics-for-bg/pic-25.jpg
54.39.22.228200 OK 44 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-25.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash 0c8398d5d3a2293bec58febb89ee6477
0323bbe1f567b309c329190eab457692485e44f5
8e5492174e33b6be299176a4329971092886392c66736ee656d8b0aba57dc544
GET /static/CwAA/pics-for-bg/pic-25.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 43558
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-aa26"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/pics-for-bg/pic-28.jpg
54.39.22.228200 OK 44 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-28.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash b7a5bec57ebcd2b40491c5cc6ddd6609
2efc068fe606ed088deac615c13500790e1e341b
4c8da6f18010f5fa87e2342bc7d0f0caef4d10dc516a4af19002d1847630957c
GET /static/CwAA/pics-for-bg/pic-28.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 43858
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-ab52"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
funkydaters.com/nwAA?prid=ANz9lWMPKgUAmFYCAE5PFwAMACRcqm4A&usid=338447
104.21.83.86200 OK 68 kB URL HTTP/2 funkydaters.com/nwAA?prid=ANz9lWMPKgUAmFYCAE5PFwAMACRcqm4A&usid=338447
IP 104.21.83.86:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 84b888bb89af1471e2ab5a56ba780f8c
c20e88b98802ff74ed0e20c9bbf8324ccfa8ca93
5556656f128d8742dbddf1b22a102625565806d3bc453d6a9d7eb44104fbd4d3
GET /nwAA?prid=ANz9lWMPKgUAmFYCAE5PFwAMACRcqm4A&usid=338447 HTTP/1.1
Host: funkydaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://startd0wnload22x.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Dec 2022 15:57:16 GMT
content-type: text/html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sr7t0oM0tpdWq8wubH4f3EzFZCC6jPJhhlnhiVKm99VfGcZDcMB27CnkY5a9%2FJUAaLzUUbe2jEdMCd9TNkKkgCkAVD1gNHMflYVKJh%2FKRQoJ%2BeRICcF6lqeydjznSI5eIuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 777f6a424f46b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/pics-for-bg/pic-13.jpg
54.39.22.228200 OK 66 kB URL HTTP/2 her-cupid.com/static/CwAA/pics-for-bg/pic-13.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Hash 9d40cd92f7f69377cded2d10580ab94b
c77534ebc40019f634249ebef2cc82137d90ffc0
0d142bdaa805393d725be9f207a25d2e40570aa808240728f5d863a12f47e8ef
GET /static/CwAA/pics-for-bg/pic-13.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/jpeg
content-length: 66094
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-1022e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 4b7ba70903a18d11369860b279a1d2c5
7329eb78097dfb42b9209a526ebb19a8b97b6d1b
d718e576a87305519efbfbf65532770e4df2a406f5e8555b39a2d82b48a91937
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3286
Cache-Control: max-age=103217
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 15:57:19 GMT
Etag: "6394e13a-138"
Expires: Mon, 12 Dec 2022 20:37:36 GMT
Last-Modified: Sat, 10 Dec 2022 19:42:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 312
her-cupid.com/static/CwAA/favicon-150x150.png
54.39.22.228200 OK 7.0 kB URL HTTP/2 her-cupid.com/static/CwAA/favicon-150x150.png
IP 54.39.22.228:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash f19d6f44b496c9dedce8b96bd0f5f829
c887ac358a0c8d6979f8b67013954aa8cf4ab1c8
97a873b3ce2ab69cc38287181a190dcd90c09869c0901b5d75e8461f628bef78
GET /static/CwAA/favicon-150x150.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_dwzM9WOV_d0=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJkd3pNOVdPVl9kMCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwic2VhcmNoIjoiP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/png
content-length: 7017
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-1b69"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/CwAA/favicon-16x16.png
54.39.22.228200 OK 1.3 kB URL HTTP/2 her-cupid.com/static/CwAA/favicon-16x16.png
IP 54.39.22.228:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash fa61744c0140328a533d26bc93753134
ea2b1d32e78280d8207a32aa6214263db134123e
2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97
GET /static/CwAA/favicon-16x16.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_dwzM9WOV_d0=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJkd3pNOVdPVl9kMCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwic2VhcmNoIjoiP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: image/png
content-length: 1264
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-4f0"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5141debd464fc4cca7bc23cd7e2118b1
b2f92478c639b6ecb8089fc24a5dde29b98181fe
fb355da32526a46034c0ac838d376ce2d26d722aabb40996206b602a52b1c838
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB355DA32526A46034C0AC838D376CE2D26D722AABB40996206B602A52B1C838"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18371
Expires: Sun, 11 Dec 2022 21:03:30 GMT
Date: Sun, 11 Dec 2022 15:57:19 GMT
Connection: keep-alive
app.api-push.com/get-keys
172.64.162.28200 OK 964 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.162.28:0
File type JSON data\012- , ASCII text, with very long lines (1940), with no line terminators
Hash 53edd0c30e44ab3e455de7ef09786598
63279e2e821eaee53c8a00bf7d0399e1d03c1811
233c5c347c7113d4dd2cd3899d30c1483ae03b6009d4f812f8e22c3ad6c9ff45
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 174
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipYImlUXhu1ZeHNP1j3%2FoCg80j0BCzWtiU12f8rXGVN84bUZvGRO4%2BHoVkbRcSzLlmanrtI6PWKtRnageL5sJcfiTar0qwgQBV1LPykBBZSZIjG0Z8IXlS8iZi9IIzHO9ByI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777f6a4fde4e7761-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.pornhubpremium.com/user/security/1111
66.254.114.33302 Found 0 B URL HTTP/1.1 www.pornhubpremium.com/user/security/1111
IP 66.254.114.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user/security/1111 HTTP/1.1
Host: www.pornhubpremium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
server: openresty
date: Sun, 11 Dec 2022 15:57:19 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Mon, 12-Dec-2022 15:57:19 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Sun, 18-Dec-2022 15:57:19 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
bs=h7ln59fjcmj440hczmipbq8q7yhhc4jq; expires=Wed, 08-Dec-2032 15:57:19 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None
ss=787200104087870515; expires=Mon, 11-Dec-2023 15:57:19 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1026
location: https://www.pornhubpremium.com/premium/login?redirect=EfMO9yqjDsnpuLk4Fn1Yj80FRX7L3O6ypGtgfwIIxk_41dXmrB3Zq1lXu35ugrhS
x-frame-options: SAMEORIGIN
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6395FDDF-42FE722101BB7940-AB08A81
www.pornhubpremium.com/premium/login?redirect=EfMO9yqjDsnpuLk4Fn1Yj80FRX7L3O6ypGtgfwIIxk_41dXmrB3Zq1lXu35ugrhS
66.254.114.33200 OK 7.8 kB URL HTTP/1.1 www.pornhubpremium.com/premium/login?redirect=EfMO9yqjDsnpuLk4Fn1Yj80FRX7L3O6ypGtgfwIIxk_41dXmrB3Zq1lXu35ugrhS
IP 66.254.114.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404)
Hash 34829dee9b8ee685fcd732e79179d367
94f15a4f281ced5fe5c4f7e4479e88a950c2d8c6
04a2cb3f197423c6f34d9ed974799451edb42ea960d02bd9a2f4711ac037440e
GET /premium/login?redirect=EfMO9yqjDsnpuLk4Fn1Yj80FRX7L3O6ypGtgfwIIxk_41dXmrB3Zq1lXu35ugrhS HTTP/1.1
Host: www.pornhubpremium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bs=h7ln59fjcmj440hczmipbq8q7yhhc4jq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty
date: Sun, 11 Dec 2022 15:57:19 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-trace: 2B6910F43289A8F813B76A93433979319A50803611A1EBC8431716379800
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Mon, 12-Dec-2022 15:57:19 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Sun, 18-Dec-2022 15:57:19 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
ss=989320957349645286; expires=Mon, 11-Dec-2023 15:57:19 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
fg_0d2ec4cbd943df07ec161982a603817e=78327.100000; expires=Tue, 10-Jan-2023 15:57:19 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure
ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Tue, 10-Jan-2023 15:57:19 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6395FDDF-42FE722101BB7940-AB08AFE
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 46192201a21accaf411650bf89acc2ff
250648d8a82b15fe3828e81b9981c3dd3fdee5ff
f6d02a536584f32c306a92467cd6c4809d519934296418674feedcb9adf9a076
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 15:57:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Dec 2022 07:48:06 GMT
Expires: Sat, 17 Dec 2022 07:48:05 GMT
Etag: "250648d8a82b15fe3828e81b9981c3dd3fdee5ff"
Cache-Control: max-age=488445,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 777f6a51f8ba1c16-OSL
www.xvideos.com/favorite/90902157/mk_1123
185.88.181.10404 Not Found 26 kB URL HTTP/1.1 www.xvideos.com/favorite/90902157/mk_1123
IP 185.88.181.10:0
ASN #46652 SERVERSTACK-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8638)
Hash b6f6454f5ff6cea03eecd494ec195e57
fd0f4386befdc51c254ec111ddfb9f6b7bdcde89
587bd0f8376db979e93b909fac3600753036eb7f4fe677161cb1119d24774ee2
GET /favorite/90902157/mk_1123 HTTP/1.1
Host: www.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Sun, 11 Dec 2022 15:57:19 GMT
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com *.trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com *.addthis.com *.addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ *.hwcdn.net fcm.googleapis.com *.nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com *.googleapis.com *.cdn77.org *.pingdom.net *.exoclick.com *.exosrv.com *.realsrv.com *.orbsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net *.adtng.com *.adglare.net adinvent.engine.adglare.net *.bngpt.com bngpt.com *.trafficjunky.net *.ohmybutt.com *.flirt4free.com *.xlovecam.com *.wlresources.com *.medleyads.com *.cams.com *.acdn5165543.com *.protoawe.com *.google-analytics.com livejasmin.com *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com *.promo-bc.com *.bongacams.com *.bongacash.com *.gammae.com *.servingmillions.com *.super-route.com cdn01.flashmediaportal.com engine.asf4f.us *.htdvt.com *.jerkmate.com *.vfgtb.com *.hytxg2.com *.awemdia.com *.cfgr3.com *.ajxx98.online *.adworldmedia.com as.air2s.com cretgate.com mysexchatroom.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net bngpst.com trknex.com afrtrk.com track.cam4tracking.com *.smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com *.bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com *.xxxjmp.com *.feelpornx.com *.crjugate.com *.hqscene.com *.xlviirdr.com adulttime.xxx *.adulttime.xxx *.javhd.com *.doppiocdn.com *.videosworks.com xlivrdr.com *.xlivrdr.com *.servetraff.com *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.hwcdn.net *.trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com *.vscdns.com *.doubleclick.net *.google.fr *.google.com *.exoclick.com *.exosrv.com *.realsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net bmedia.justservingfiles.net;
Referrer-Policy: no-referrer-when-downgrade
Set-Cookie: session_token=75a97b79aa09c9a2t2_bn1p0UEfNoquvDG1gqzu_OlnLUnkuJNkh2oHDQAibcr_QooD2F8Ii6ujy7D0kDmm2ZZB9rAYLFfF-x90F5K36hfYbnzmIQUY-eAGJoneFFJjd4CZZLDswmYGGD0WaVNs-fZH6yaa3gcG7o2Af6wwBJk7mYVNegUEhv_QUEisyYg8Fx21HgyTmGJpukT7I; expires=Tue, 10-Jan-2023 15:57:19 GMT; Max-Age=2592000; path=/; domain=.xvideos.com
_ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: nginx
her-cupid.com/stats
54.39.22.228200 OK 5.9 kB IP 54.39.22.228:0
Hash 179a154eb0083e6b40c81d4fe92411e0
6c57aad38a64fc225e762c1bd795cbc5208d6fcc
b875eaa78ba373c317f0c768cca2a7eab9d1755b7dd40e7e735a2278362eca50
Analyzer Verdict Alert fortinet Phishing
POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 578
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_dwzM9WOV_d0=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJkd3pNOVdPVl9kMCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6eyJ0cmFmZmljV2l0aEVtYWlsQ2FzY2FkZUlkIjp0cnVlLCJyZWFsVXNlcnNDYXNjYWRlSWQiOnRydWUsIm1haW5DYXNjYWRlIjp0cnVlLCJiYWNrQ2FzY2FkZSI6dHJ1ZSwic2Vjb25kQ2xpY2tDYXNjYWRlIjp0cnVlLCJwb3BzQ2FzY2FkZSI6dHJ1ZSwicG9wc0NvdW50IjoxfSwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwic2VhcmNoIjoiP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaCI6ImZhbHNlIn0sImx1aWQiOjcxOTM5NDIyNTAxOX0=; userid=80ccf4be5165c00cd244b5d8d4e2cb0dd5be7e959722ca110c7a0517ed2aa7a6a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A719394225019%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
her-cupid.com/stats
54.39.22.228200 OK 0 B IP 54.39.22.228:0
Analyzer Verdict Alert fortinet Phishing
POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 365
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_dwzM9WOV_d0=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJkd3pNOVdPVl9kMCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwic2VhcmNoIjoiP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoibG9hZCIsImRhdGEiOnsicmVzcG9uc2VTdGFydCI6MTY2NCwiZG9tSW50ZXJhY3RpdmUiOjE4NzAsImRvbUNvbXBsZXRlIjoyMjk0fX0=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:19 GMT
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
her-cupid.com/stats
54.39.22.228200 OK 0 B IP 54.39.22.228:0
Analyzer Verdict Alert fortinet Phishing
POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 301
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_dwzM9WOV_d0=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJkd3pNOVdPVl9kMCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwic2VhcmNoIjoiP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9fQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
track.gositego.live/click?pid=3664&offer_id=17742&sub1=MlKD3YVdjWVK7d2Ta9bs9xkBf5KcKP5O&sub2=
34.91.234.242200 OK 0 B URL HTTP/2 track.gositego.live/click?pid=3664&offer_id=17742&sub1=MlKD3YVdjWVK7d2Ta9bs9xkBf5KcKP5O&sub2=
IP 34.91.234.242:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /click?pid=3664&offer_id=17742&sub1=MlKD3YVdjWVK7d2Ta9bs9xkBf5KcKP5O&sub2= HTTP/1.1
Host: track.gositego.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Dec 2022 15:57:16 GMT
content-type: text/html; charset=utf-8
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6395fddc081c500001b6525b; expires=Mon, 11 Dec 2023 15:57:16 GMT; secure; SameSite=None
afoffers={"17742":1670774236}; expires=Mon, 11 Dec 2023 15:57:16 GMT; secure; SameSite=None
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
cdnjam.com/cdn/push.min.js
104.21.58.242200 OK 0 B URL HTTP/2 cdnjam.com/cdn/push.min.js
IP 104.21.58.242:0
GET /cdn/push.min.js HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: application/x-javascript
content-security-policy: block-all-mixed-content
etag: W/"44c9e373bc246e347c8420a2eb8f54d4"
last-modified: Mon, 06 Jun 2022 20:30:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F62D8C82243EE0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 2864
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLl26V1b0yPFuDsKouw410gvv21pKZ3Nnph7h6thVw0hfRqA8ld14MEWcPvOaK1OqDRLxysj%2Fl8vFY3yzJ40SIbmk01vN8r%2F1Z8tdRu3m36Eh35ns2M1pe7AT3lv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777f6a4e0f9ab4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
her-cupid.com/DgAA/10064/oth?i=dwzM9WOV_d0&u=8999179281159814621
54.39.22.228200 OK 0 B URL HTTP/2 her-cupid.com/DgAA/10064/oth?i=dwzM9WOV_d0&u=8999179281159814621
IP 54.39.22.228:0
GET /DgAA/10064/oth?i=dwzM9WOV_d0&u=8999179281159814621 HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://funkydaters.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:18 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.pornhub.com/login
66.254.114.41200 OK 0 B IP 66.254.114.41:0
GET /login HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bs=3xowu6o52tk5m1wd7o1rcpqzi0d2331c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 11 Dec 2022 15:57:19 GMT
content-type: text/html; charset=UTF-8
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Mon, 12-Dec-2022 15:57:19 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure
platform=pc; expires=Sun, 18-Dec-2022 15:57:19 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
ss=484914259597320525; expires=Mon, 11-Dec-2023 15:57:19 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=46175.100000; expires=Tue, 10-Jan-2023 15:57:19 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=6395FDDF-42FE722901BB9A69-AAAD4FB; Secure; Samesite=None
__l=6395FDDF-42FE722901BB9A69-AAAD4FB; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6395FDDF-42FE722901BB9A69-AAAD4FB
X-Firefox-Spdy: h2
www.pornhub.com/video/manage?o=mr&t=pr2
66.254.114.41302 Found 0 B URL HTTP/2 www.pornhub.com/video/manage?o=mr&t=pr2
IP 66.254.114.41:0
GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 11 Dec 2022 15:57:19 GMT
content-type: text/html; charset=UTF-8
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Mon, 12-Dec-2022 15:57:19 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure
platform=pc; expires=Sun, 18-Dec-2022 15:57:19 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
bs=3xowu6o52tk5m1wd7o1rcpqzi0d2331c; expires=Wed, 08-Dec-2032 15:57:19 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None
ss=571428833203278422; expires=Mon, 11-Dec-2023 15:57:19 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=36199.100000; expires=Tue, 10-Jan-2023 15:57:19 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=6395FDDF-42FE722901BB9A69-AAAD494; Secure; Samesite=None
__l=6395FDDF-42FE722901BB9A69-AAAD494; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1041
location: /login
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6395FDDF-42FE722901BB9A69-AAAD494
X-Firefox-Spdy: h2
her-cupid.com/user-id?nbl=&impression=dwzM9WOV_d0&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDgAA%2F10064%2Foth%3Fi%3DdwzM9WOV_d0%26u%3D8999179281159814621&search=%3Fi%3DdwzM9WOV_d0%26u%3D8999179281159814621&contactExists=false
54.39.22.228200 OK 0 B URL HTTP/2 her-cupid.com/user-id?nbl=&impression=dwzM9WOV_d0&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDgAA%2F10064%2Foth%3Fi%3DdwzM9WOV_d0%26u%3D8999179281159814621&search=%3Fi%3DdwzM9WOV_d0%26u%3D8999179281159814621&contactExists=false
IP 54.39.22.228:0
GET /user-id?nbl=&impression=dwzM9WOV_d0&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDgAA%2F10064%2Foth%3Fi%3DdwzM9WOV_d0%26u%3D8999179281159814621&search=%3Fi%3DdwzM9WOV_d0%26u%3D8999179281159814621&contactExists=false HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: slappInfo64_dwzM9WOV_d0=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJkd3pNOVdPVl9kMCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwic2VhcmNoIjoiP2k9ZHd6TTlXT1ZfZDAmdT04OTk5MTc5MjgxMTU5ODE0NjIxIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 11 Dec 2022 15:57:19 GMT
content-type: application/json; charset=UTF-8
set-cookie: userid=80ccf4be5165c00cd244b5d8d4e2cb0dd5be7e959722ca110c7a0517ed2aa7a6a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A719394225019%3B%7D; expires=Tue, 12-Dec-2023 12:13:59 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100,400,700,900
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,400,700,900
IP 142.250.74.106:0
GET /css?family=Montserrat:100,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Dec 2022 15:57:18 GMT
date: Sun, 11 Dec 2022 15:57:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2