urlquery - report: dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhittington@slurpmail.net&sub1=clear

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
cdnjam.com (1)	204001	2021-02-18 07:53:51 UTC	2022-11-26 07:22:02 UTC	172.67.166.71
ocsp.pki.goog (11)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.35
fonts.googleapis.com (1)	8877	2013-06-10 20:14:26 UTC	2022-11-26 07:22:52 UTC	142.250.74.10
www.facebook.com (1)	99	2012-05-21 00:23:41 UTC	2021-06-08 06:38:51 UTC	31.13.72.36
lh3.google.com (1)	213	2013-06-02 21:16:56 UTC	2020-05-01 19:11:57 UTC	142.250.74.142
pornhub.com (1)	4903	2012-05-22 01:01:29 UTC	2022-11-26 06:40:09 UTC	66.254.114.41
www.pornhub.com (1)	10781	2012-05-21 06:55:53 UTC	2020-05-05 12:49:23 UTC	66.254.114.41
alexatracker.com (1)	0	2020-10-28 18:44:06 UTC	2022-11-26 06:08:43 UTC	172.67.204.112	Unknown ranking
o65532.ingest.sentry.io (1)	747982	2022-06-02 01:41:52 UTC	2022-11-26 07:22:03 UTC	34.120.195.249
www2.dateexotic.com (1)	0	2022-11-09 12:59:30 UTC	2022-11-26 09:17:44 UTC	172.67.159.164	Unknown ranking
ocsp.digicert.com (6)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-26 05:33:20 UTC	34.102.187.140
e1.o.lencr.org (2)	6159	No data	No data	23.36.77.32
www.xvideos.com (1)	11464	2012-05-21 18:29:12 UTC	2020-03-18 14:38:47 UTC	185.88.181.8
js.sentry-cdn.com (1)	5259	2018-07-13 11:42:06 UTC	2022-11-26 08:58:08 UTC	151.101.66.217
her-cupid.com (14)	698724	2021-08-09 12:54:36 UTC	2022-11-26 07:21:55 UTC	54.39.22.228
fonts.gstatic.com (1)	0	2014-09-09 00:40:21 UTC	2022-11-26 10:10:14 UTC	216.58.207.195	Domain (gstatic.com) ranked at: 540
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-26 05:33:16 UTC	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	54.189.139.67
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
app.api-push.com (2)	307671	2021-12-06 12:20:56 UTC	2022-11-26 07:22:03 UTC	172.64.138.29
r3.o.lencr.org (10)	344	No data	No data	23.36.76.226
ajax.googleapis.com (1)	12905	2013-08-16 09:51:31 UTC	2022-11-26 11:14:44 UTC	142.250.74.10
browser.sentry-cdn.com (1)	4393	2018-07-13 11:42:06 UTC	2022-11-26 06:39:28 UTC	151.101.66.217
dateexotic.com (3)	0	2020-10-21 10:51:18 UTC	2022-11-26 06:06:47 UTC	104.21.34.109	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
accounts.google.com (2)	81	2016-09-05 09:39:47 UTC	2022-11-26 07:02:40 UTC	216.58.207.237
www.pornhubpremium.com (2)	142013	2014-02-24 07:26:05 UTC	2020-04-11 12:46:17 UTC	66.254.114.33
ocsp.sectigo.com (1)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	104.18.32.68

Scan Date	Severity	Indicator	Comment
2022-11-26	2	dateexotic.com/static/js/build/bd.js	Phishing
2022-11-26	2	her-cupid.com/stats	Phishing
2022-11-26	2	her-cupid.com/stats	Phishing
2022-11-26	2	her-cupid.com/stats	Phishing
2022-11-26	2	her-cupid.com/stats	Phishing

Date	UQ / IDS / BL	URL	IP
2023-01-28 13:15:38 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=sr2f6b1ch1ln&email=s (...)	104.21.34.109
2023-01-23 06:31:47 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=3qd0rml1bnbp8&email= (...)	104.21.34.109
2023-01-22 22:04:56 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=3b0nm5a1bl9mr&email= (...)	104.21.34.109
2023-01-20 22:26:30 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=3k6dgk11b80oo&email= (...)	104.21.34.109
2023-01-19 12:00:48 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=mfh0gi1aufq0&email=j (...)	104.21.34.109

Date	UQ / IDS / BL	URL	IP
2023-02-01 02:13:21 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/53613818594879 (...)	162.159.134.233
2023-02-01 02:13:15 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/48944676365742 (...)	162.159.133.233
2023-02-01 02:13:15 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/46518178912062 (...)	162.159.129.233
2023-02-01 02:13:10 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/37057487407651 (...)	162.159.130.233
2023-02-01 02:13:05 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/46446958166736 (...)	162.159.130.233

Date	UQ / IDS / BL	URL	IP
2023-01-31 11:04:43 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2phgvpv1csk2i&email= (...)	172.67.159.164
2023-01-31 08:08:53 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2p9471t1crtqn&email= (...)	172.67.159.164
2023-01-28 13:15:38 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=sr2f6b1ch1ln&email=s (...)	104.21.34.109
2023-01-25 05:46:59 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2ph056j1b5lnr&email= (...)	172.67.159.164
2023-01-23 06:31:47 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=3qd0rml1bnbp8&email= (...)	104.21.34.109

Date	UQ / IDS / BL	URL	IP
2023-01-24 22:59:28 +0000	0 - 0 - 1	her-cupid.com/DwAA/10066/hrm?i=LtKlVmPQYrI&u= (...)	54.39.22.228
2023-01-18 12:00:03 +0000	0 - 3 - 4	3rdmxia7hnyyqutest3.indomel.ga/q3bCCwDV?keywo (...)	146.190.75.35
2023-01-15 15:52:57 +0000	0 - 3 - 3	t0dwjs4fyctest3.ninfpenre.tk/TSKtBH6B?keyword (...)	146.190.75.35
2023-01-15 11:01:13 +0000	0 - 0 - 4	dateexotic.com/agEA?usid=jfkl01a8a51&email=jw (...)	104.21.34.109
2023-01-15 08:12:53 +0000	0 - 3 - 2	w57hzx72aytest3.fortteslapor.tk/TSKtBH6B?keyw (...)	146.190.75.35

Request	Response
GET /agEA?usid=3raefs913dgdf&email=jwhittington@slurpmail.net&sub1=clear_main&prid=3raefs913dgdf HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhittingt (...) FQDN: dateexotic.com IP: 104.21.34.109 HASH: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0 104.21.34.109 HTTP/1.1 200 OK Content-Type: text/html Date: Sat, 26 Nov 2022 23:47:03 GMT Transfer-Encoding: chunked Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i54FhzQ684IvpslkwypiNS%2FcGFrszrF1XY7uIte1h6vVIU7m2TZbLzPJ8EuF5tA9VcRUV05XJdC9IzBPzaB%2BLrvJnHC%2FGDSWp0W%2BrvYrCnnwg26Ll627Tkm9b6TXCj7Mng%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 770681caceed0b45-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 907 Md5: f644572248ce42c31779d65845c95277 Sha1: 6963b52cff901ae5ce3eb250820dcaef46cc9388 Sha256: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13502 Expires: Sun, 27 Nov 2022 03:32:05 GMT Date: Sat, 26 Nov 2022 23:47:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 150792cfc458af013998f4ef6bdf5f74 Sha1: d5179b2dcb11d06f82606bf6eb6648319998d63e Sha256: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1053 Cache-Control: max-age=126098 Date: Sat, 26 Nov 2022 23:47:03 GMT Etag: "6381eaec-1d7" Expires: Mon, 28 Nov 2022 10:48:41 GMT Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 15b59d5e62caedb4bec3ba6724906c1e Sha1: 960f801e608a56fdd11449f4face29f62cad2b21 Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 26 Nov 2022 23:19:17 GMT cache-control: public,max-age=3600 age: 1666 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: d130218d0e2841f39c99610fe1a2ab90 Sha1: 29fbe1e177ee55c7a61ae0a206afff271cf5f945 Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2415 Expires: Sun, 27 Nov 2022 00:27:18 GMT Date: Sat, 26 Nov 2022 23:47:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 260e9998c20d831b66f1029c8f47aac9 Sha1: 716d630f647c54dc69a7f9c63a6cac294b3df7f7 Sha256: c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: j/KLwwZ7iGojusnjPGIp9n0LwBxlDhP7Y/mczAbYL1EUxsOpIYiAMxswcYAJk/8qe8SqFNhnOdE= x-amz-request-id: D3WFDH5GM43K6RJY content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 26 Nov 2022 23:41:24 GMT age: 339 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /static/js/build/bd.js HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhittington@slurpmail.net&sub1=clear_main&prid=3raefs913dgdf	URL: dateexotic.com/static/js/build/bd.js FQDN: dateexotic.com IP: 104.21.34.109 HASH: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b 104.21.34.109 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Date: Sat, 26 Nov 2022 23:47:03 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Ray: 770681ccf84c0b45-OSL Age: 171527 ETag: W/"static/js/build/bd.3ad9d77bdd.js" Vary: Accept-Encoding CF-Cache-Status: HIT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3u7GRWLAK3ZQJnWKnGYPx3Jdbtj446gF2qcYaUp9VSzFqS7V5V69mjz7c0VboZk4v3eGncDHzVrNzN068EexDRS%2BQltqPXI28oZvhCPo1CsLZJbTkFY4ry5gu0hWOT6%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (8033) Size: 3571 Md5: 896fa747a8832e6a6ac72bbbcfc917f6 Sha1: 67dc40632c900a9f84280f0898b308b8a6b3e3a5 Sha256: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b Alerts: Blocklists: - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 26 Nov 2022 23:47:03 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "B6CB9BD85D499F398EB8392491BA52D8916DF9586DC82B00566229D193B47E6C" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15491 Expires: Sun, 27 Nov 2022 04:05:15 GMT Date: Sat, 26 Nov 2022 23:47:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 1ff100f14aadb35808b403a3fbca8bc7 Sha1: 92feaf32494b1f822aab27cbb79812abb8500634 Sha256: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c
GET /favicon.ico HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhittington@slurpmail.net&sub1=clear_main&prid=3raefs913dgdf	URL: dateexotic.com/favicon.ico FQDN: dateexotic.com IP: 104.21.34.109 HASH: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4 104.21.34.109 HTTP/1.1 200 OK Content-Type: image/gif Date: Sat, 26 Nov 2022 23:47:04 GMT Content-Length: 47 Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BRIIH2yCrK%2BKws%2FttN8GjBno%2BO9Ot4l0FTI3IIB8X7hlSUkzLK294mBs%2FP2ls00%2FBatSlWqzvZ7BDjsICfdsC9IabX775vG9NNxlvId1d1uKQFOmd0mbKbZycTEnzrEnA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 770681ce89640b45-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 47 Md5: 2f3ca1d38e8b18ef00c4a0eff0889cfc Sha1: 2f28ed1ccf7c08cf22491757fe20385249db162e Sha256: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 26 Nov 2022 23:11:12 GMT cache-control: public,max-age=3600 age: 2152 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3041 Cache-Control: max-age=123028 Date: Sat, 26 Nov 2022 23:47:04 GMT Etag: "6381d72b-1d7" Expires: Mon, 28 Nov 2022 09:57:32 GMT Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: d3df71aab146eefc49acb608796aab63 Sha1: 8401892995193919376dfcd798b09c8261579454 Sha256: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "B6CB9BD85D499F398EB8392491BA52D8916DF9586DC82B00566229D193B47E6C" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15491 Expires: Sun, 27 Nov 2022 04:05:15 GMT Date: Sat, 26 Nov 2022 23:47:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 1ff100f14aadb35808b403a3fbca8bc7 Sha1: 92feaf32494b1f822aab27cbb79812abb8500634 Sha256: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 866ec6a80d8595f98fd43fc2699fce6e20d0004a140d4559f0f4800b94013766 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:04 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 82fcb9ec0a37e60735dbf3be57d29dfc Sha1: 4146629945a536c641483e503ee22b7ff3e58b7a Sha256: 866ec6a80d8595f98fd43fc2699fce6e20d0004a140d4559f0f4800b94013766
GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0zcmFlZnM5MTNkZ2RmJmVtYWlsPWp3aGl0dGluZ3RvbiU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9M3JhZWZzOTEzZGdkZiZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=99486cb194b415d5e0af0763644dc0e2 HTTP/1.1 Host: alexatracker.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29 (...) FQDN: alexatracker.com IP: 172.67.204.112 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.67.204.112 HTTP/2 301 Moved Permanently date: Sat, 26 Nov 2022 23:47:04 GMT content-length: 0 location: https://www2.dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhittington%40slurpmail.net&sub1=clear_main&prid=3raefs913dgdf&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=1879628173168256376&c=2591485379 set-cookie: trbarid=1879628173168256376;expires=Mon, 25 Nov 2024 23:47:04 GMT;secure;HttpOnly;SameSite=None;path=/ report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEx7u7KhqoQcZqHrEAQZ8LXuZI0l02wMCpyinm4qmx%2BZze7nlm49Xc%2Bxt25kQuWsJ4gGndx6RO0gahxBucm2ug%2FIUKOy2ZfBqM%2BUGWCDMXC2GWDUYwOvC4PqFU%2F3dmBVVrxu"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 770681d22e3ab4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 866ec6a80d8595f98fd43fc2699fce6e20d0004a140d4559f0f4800b94013766 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:04 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 82fcb9ec0a37e60735dbf3be57d29dfc Sha1: 4146629945a536c641483e503ee22b7ff3e58b7a Sha256: 866ec6a80d8595f98fd43fc2699fce6e20d0004a140d4559f0f4800b94013766
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: lzfOs620qL73fa88cluoRw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.189.139.67 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.189.139.67 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 1CuoIpdYDWjSu702Bpkf21t3juQ= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 50ae671bb0e4143f8e7c04cc4378a0267717608f88818899f643175b45923614 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "50AE671BB0E4143F8E7C04CC4378A0267717608F88818899F643175B45923614" Last-Modified: Thu, 24 Nov 2022 13:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7374 Expires: Sun, 27 Nov 2022 01:49:59 GMT Date: Sat, 26 Nov 2022 23:47:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6fbcfe846f488e642e75632ecdf14f81 Sha1: 979a93f518c584e468ae7fef8f181e22a15153a1 Sha256: 50ae671bb0e4143f8e7c04cc4378a0267717608f88818899f643175b45923614
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: e5c69d237270b93e20a16eb4e652097949ba86c5150585b83a08eb904a6e1a32 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1600 Cache-Control: max-age=138134 Date: Sat, 26 Nov 2022 23:47:05 GMT Etag: "638217cf-116" Expires: Mon, 28 Nov 2022 14:09:19 GMT Last-Modified: Sat, 26 Nov 2022 13:42:39 GMT Server: ECS (amb/6B75) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: db6aab5a8ad97fcd88eb84d682718c7f Sha1: 91c5fec9c3cc47d750423b41ad587ccfabae73a1 Sha256: e5c69d237270b93e20a16eb4e652097949ba86c5150585b83a08eb904a6e1a32
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1 Host: js.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js FQDN: js.sentry-cdn.com IP: 151.101.66.217 HASH: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d 151.101.66.217 HTTP/2 200 OK content-type: text/javascript access-control-allow-origin: * cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 1; mode=block x-envoy-attempt-count: 1 x-envoy-upstream-service-time: 11 content-encoding: gzip accept-ranges: bytes date: Sat, 26 Nov 2022 23:47:05 GMT age: 23 x-served-by: getsentry-web-default-common-production-5c68b88dcb-bjxqf, cache-bma1628-BMA vary: Accept-Encoding timing-allow-origin: https://sentry.io strict-transport-security: max-age=31536000; includeSubDomains content-length: 1021 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (512) Size: 1021 Md5: 3b07f6f3625abf8ad4dafd7b821ad69e Sha1: 304bbec923fc251222f5d8bf87ff13244ac12201 Sha256: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js FQDN: ajax.googleapis.com IP: 142.250.74.10 HASH: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f 142.250.74.10 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31021 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 25 Nov 2022 14:19:24 GMT expires: Sat, 25 Nov 2023 14:19:24 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Fri, 08 May 2020 07:05:03 GMT age: 120461 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 31021 Md5: 903bc7a7e510f87aa5d0201eb59a0832 Sha1: ac9aa4dd94cde1bcba9037e94087138b127e41fc Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /css?family=Montserrat:100,400,700,900 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Montserrat:100,400,700,900 FQDN: fonts.googleapis.com IP: 142.250.74.10 HASH: 300e627500a270d5e306b8aa28e363901ece76a41866ca88109c1af05cef396c 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 26 Nov 2022 23:47:05 GMT date: Sat, 26 Nov 2022 23:47:05 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 853 Md5: acd144b7316773b2edf26451ef59379e Sha1: 41fe8a8130cf17464e1c0162bd585c47a8932def Sha256: 300e627500a270d5e306b8aa28e363901ece76a41866ca88109c1af05cef396c
GET /static/DAAA/css/bootstrap-reboot.min.css HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/css/bootstrap-reboot.min.css FQDN: her-cupid.com IP: 54.39.22.228 HASH: c585678985d406d5531388daf8ac073098eefe71aa98b08e271a0a1a19e4b295 54.39.22.228 HTTP/2 200 OK content-type: text/css server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 3879 last-modified: Mon, 20 Jul 2020 11:08:38 GMT etag: "5f157b36-f27" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (3498) Size: 3879 Md5: 522e4ec96bebf2d79e37786091541e21 Sha1: 0ba39cdcbb5c7006f2009e60c766e10e9691b734 Sha256: c585678985d406d5531388daf8ac073098eefe71aa98b08e271a0a1a19e4b295
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
GET /static/DAAA/css/styles.css HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/css/styles.css FQDN: her-cupid.com IP: 54.39.22.228 HASH: 2c074c798b73baa4b93795d65dc714fb8d9a507ef9c971a4e1b2495ae31a54fa 54.39.22.228 HTTP/2 200 OK content-type: text/css server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 6183 last-modified: Tue, 21 Jul 2020 09:17:46 GMT etag: "5f16b2ba-1827" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 6183 Md5: dd208b4696de6516cf66b2a6d94d75d6 Sha1: d6e6ef2262d7ca5328bcb0a5714cbc6b1643f170 Sha256: 2c074c798b73baa4b93795d65dc714fb8d9a507ef9c971a4e1b2495ae31a54fa
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
GET /7.21.1/bundle.es5.min.js HTTP/1.1 Host: browser.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: browser.sentry-cdn.com/7.21.1/bundle.es5.min.js FQDN: browser.sentry-cdn.com IP: 151.101.66.217 HASH: 3721238a0def27bd8523c1d7e917f469ccf2e5a8d4361755d2e02be616981050 151.101.66.217 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 cache-control: public, max-age=31536000 expires: Thu, 23 Nov 2023 17:02:22 GMT last-modified: Wed, 23 Nov 2022 11:53:26 GMT etag: "66704d64b742c25f1edefdf90adf3f2f" content-encoding: gzip accept-ranges: bytes date: Sat, 26 Nov 2022 23:47:05 GMT age: 283483 vary: Accept-Encoding access-control-allow-origin: * server: Fastly strict-transport-security: max-age=31536000; includeSubDomains content-length: 20162 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (62012) Size: 20162 Md5: 66704d64b742c25f1edefdf90adf3f2f Sha1: 5f54e6f7e7e066f91aa129fa2a877618916aacb1 Sha256: 3721238a0def27bd8523c1d7e917f469ccf2e5a8d4361755d2e02be616981050
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e9895464b828d538dc654c678c82b181 Sha1: af5791cd48761cb3f3f979b481c23e1508692823 Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 69e1d926dad1081c729915a2eef41939b8089821a22fbe8bae6d225a5de009d2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "69E1D926DAD1081C729915A2EEF41939B8089821A22FBE8BAE6D225A5DE009D2" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13549 Expires: Sun, 27 Nov 2022 03:32:54 GMT Date: Sat, 26 Nov 2022 23:47:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7de0ff68ea354885043678e59df9d787 Sha1: 2916f67acc6d1bfeb2dc7815f2c460e3df07a21a Sha256: 69e1d926dad1081c729915a2eef41939b8089821a22fbe8bae6d225a5de009d2
OPTIONS /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.64.138.29 HTTP/2 204 No Content date: Sat, 26 Nov 2022 23:47:05 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: content-type strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=att87eN0wFAEu6yxcyorCaT5uMu0A42YcHEthmoo3FWLUmAX%2FKjFnaY9%2B7V9Ru0Kv2fmuWiPDLnwyb1nG3c0iUxRGcQs5W6l9XKZz%2FpdPt87IEdrV3Ei4XbGFAO1yc44oLIA"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 770681d9faca06a2-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm45 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30928 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 16:40:18 GMT expires: Fri, 24 Nov 2023 16:40:18 GMT cache-control: public, max-age=31536000 age: 198407 last-modified: Mon, 11 Jul 2022 18:57:39 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Size: 30928 Md5: ac0d2859ea5f8fd6bcb3c305c08ec184 Sha1: 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:06 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e9895464b828d538dc654c678c82b181 Sha1: af5791cd48761cb3f3f979b481c23e1508692823 Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1 HTTP/1.1 Host: o65532.ingest.sentry.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://her-cupid.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://her-cupid.com Content-Length: 426 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: o65532.ingest.sentry.io/api/6161109/envelope/?sentry_ke (...) FQDN: o65532.ingest.sentry.io IP: 34.120.195.249 HASH: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a 34.120.195.249 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 26 Nov 2022 23:47:06 GMT content-length: 2 access-control-allow-origin: https://her-cupid.com access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after vary: Origin x-envoy-upstream-service-time: 14 strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 2 Md5: 99914b932bd37a50b983c5e7c90ae93b Sha1: bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 69e1d926dad1081c729915a2eef41939b8089821a22fbe8bae6d225a5de009d2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "69E1D926DAD1081C729915A2EEF41939B8089821A22FBE8BAE6D225A5DE009D2" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13548 Expires: Sun, 27 Nov 2022 03:32:54 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7de0ff68ea354885043678e59df9d787 Sha1: 2916f67acc6d1bfeb2dc7815f2c460e3df07a21a Sha256: 69e1d926dad1081c729915a2eef41939b8089821a22fbe8bae6d225a5de009d2
GET /static/DAAA/img/set-1/small/img-5.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/img/set-1/small/img-5.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: 1fcb6c12912382944541fb9eabdf46801c8459356b5c956ce05feea3de030f4f 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 6194 last-modified: Mon, 20 Jul 2020 14:22:14 GMT etag: "5f15a896-1832" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x120, components 3\012- data Size: 6194 Md5: 89549bd65753a0f0e1b09e6bf90ed0d5 Sha1: 44ae3f09c9696ff83ab4ce4ca9bd3eaf2d62ab98 Sha256: 1fcb6c12912382944541fb9eabdf46801c8459356b5c956ce05feea3de030f4f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11008 Expires: Sun, 27 Nov 2022 02:50:34 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11008 Expires: Sun, 27 Nov 2022 02:50:34 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11008 Expires: Sun, 27 Nov 2022 02:50:34 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11008 Expires: Sun, 27 Nov 2022 02:50:34 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4296f391f755a649897a2211f9072c69a0510e43a313674908bb0a771b12650e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10944 x-amzn-requestid: ed714e4a-0f80-4b2d-ae82-b28d617fe927 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b42xTGpSoAMF9Vw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6379d1a1-1235a4ad16a6bfee50615fbb;Sampled=0 x-amzn-remapped-date: Sun, 20 Nov 2022 07:05:05 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: UzVSiMniBPN9LTEIutLmWn7BZX7d5RWIxtH0H-RpLfIGqdIBTovGMg== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 21:54:18 GMT age: 6768 etag: "a23fd98701ac35cd8740d1f7a832118c770e20c8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10944 Md5: 5e586c141835f4ac8819c55dcb811b4d Sha1: a23fd98701ac35cd8740d1f7a832118c770e20c8 Sha256: 4296f391f755a649897a2211f9072c69a0510e43a313674908bb0a771b12650e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a97ce7c911625345342731b96cf423ee36182e101e3039694a666d6508a702ef 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4374 x-amzn-requestid: 16fa9401-4b57-4300-9377-3a7d96de3a38 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cGB7uFWJIAMFfTg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637f16b1-3386c7b54d828c3b1393b9ce;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 07:01:05 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 6XMNeYqDwM9yHZf1rkBRhZ6k_iZE92MWKavu0vlQnT2jZ--tswQwWw== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 07:07:08 GMT age: 59998 etag: "4770f56d4d9489df43f33952e4bfa84d8e46414e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4374 Md5: 514b4077fad50ba782e4bbb2c95c6852 Sha1: 4770f56d4d9489df43f33952e4bfa84d8e46414e Sha256: a97ce7c911625345342731b96cf423ee36182e101e3039694a666d6508a702ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9073 x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b8JuVHY7IAMFtRg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0 x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT x-amz-cf-pop: SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 14:36:38 GMT age: 33028 etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9073 Md5: ccb536b51f31391c89fb2abe3be6c749 Sha1: c9a5ab962bfdd174aecd4809d770f0fe305ab8e4 Sha256: b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6859 x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCvYTHRroAMFR8g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: qk03VFAQ1od0YzamiePUE8VQp9kBv_fy5gDUrVSlLGLSdn5v4JQbvw== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 14:28:34 GMT age: 33512 etag: "26b8dd82140c0db021048e11bff65a391dc6b444" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6859 Md5: f80a9a9b55da31c98663e157dde74a19 Sha1: 26b8dd82140c0db021048e11bff65a391dc6b444 Sha256: 680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5099 x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cOo4jFBvoAMFl1w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 21:42:14 GMT etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6" age: 7492 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5099 Md5: 433875a1b1fef34e45f2d8ac344c07e3 Sha1: f2129466436cbbdd58abe42a47fb7af19eba58e6 Sha256: ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4803 x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cOo4iFHoIAMF2-g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 21:42:14 GMT etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc" age: 7492 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4803 Md5: cc0a257323f882caff067adb86d906e4 Sha1: cedf2f21be7cd366bd46055b62b5513db3011dfc Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /agEA?usid=3raefs913dgdf&email=jwhittington%40slurpmail.net&sub1=clear_main&prid=3raefs913dgdf&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1 Host: www2.dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://dateexotic.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www2.dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhit (...) FQDN: www2.dateexotic.com IP: 172.67.159.164 HASH: c87a1138bc669bdc48ce7894784bb45b67f5518d9c661d0dda32ab7f645a9d3c 172.67.159.164 HTTP/2 302 Found content-type: text/html; charset=UTF-8 date: Sat, 26 Nov 2022 23:47:04 GMT location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0zcmFlZnM5MTNkZ2RmJmVtYWlsPWp3aGl0dGluZ3RvbiU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9M3JhZWZzOTEzZGdkZiZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=99486cb194b415d5e0af0763644dc0e2 access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1D%2FQEkgGQEfSWHP4vbYRhwsTC3GsxBAt4fbQiyzty%2FYIeIntMJDtKpN2zpZDNxveXe9Osw4SYsAx6slFINtyC%2FdLQh3RbGOzqWipuzw1by%2B%2FXSMvErvFJJE79KlVYf6u0gtjC7F"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 770681ce2a130b4d-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: gzip compressed data, max speed, from Unix\012- data Size: 171806 Md5: 1caaa5eee8b6702ee6f584175c5b5dbd Sha1: 6860fc95b810b3a4881d434e5b730125bca0ed27 Sha256: c87a1138bc669bdc48ce7894784bb45b67f5518d9c661d0dda32ab7f645a9d3c
GET /static/DAAA/img/set-1/img-4.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/img/set-1/img-4.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: 96b9820d312b54059b3f8e84264b6b319fb7143d67ea46d38cfebd16460cae85 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 149540 last-modified: Mon, 20 Jul 2020 09:46:28 GMT etag: "5f1567f4-24824" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 769x1350, components 3\012- data Size: 149540 Md5: 2f9d13fc1501209e574e8d86ad2cbf6b Sha1: a0521f04bf849a34a78b5c15caaa0b34e33a121b Sha256: 96b9820d312b54059b3f8e84264b6b319fb7143d67ea46d38cfebd16460cae85
GET /static/DAAA/img/set-1/img-1.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/img/set-1/img-1.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: 24458c7391089dcb49003286ed6aee0ec706d4279789fefc15fda4333fba5ed4 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 290615 last-modified: Mon, 20 Jul 2020 09:46:28 GMT etag: "5f1567f4-46f37" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x1350, components 3\012- data Size: 290615 Md5: 12b1bb2135d1607fc59e4045c702da89 Sha1: c34a7a2e9bf1595ea2ee1d0c18eb428cfcd3ff4e Sha256: 24458c7391089dcb49003286ed6aee0ec706d4279789fefc15fda4333fba5ed4
GET /static/DAAA/img/set-1/img-2.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/img/set-1/img-2.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: ede657e34689f40b1f0e873a58f781502f7f210d1259b5f8f983c15d49fa1047 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 343049 last-modified: Mon, 20 Jul 2020 09:46:28 GMT etag: "5f1567f4-53c09" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x1350, components 3\012- data Size: 343049 Md5: fcc7e18f8fbe4b0682cd80992bc329c5 Sha1: c637153efeb0f794364a930bc0344da1dbdb63e1 Sha256: ede657e34689f40b1f0e873a58f781502f7f210d1259b5f8f983c15d49fa1047
GET /static/DAAA/img/set-1/img-5.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/img/set-1/img-5.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: 5753c92dd3b978dcc4907476df776439c9c9bc2ce21e95e375ef223d9df44f0e 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 204097 last-modified: Mon, 20 Jul 2020 09:46:28 GMT etag: "5f1567f4-31d41" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1013x1350, components 3\012- data Size: 204097 Md5: 7521e9a6aea4d17eaa1f6dc9c9eb75bf Sha1: c869ef5799e28537a238733d184e6b3707264635 Sha256: 5753c92dd3b978dcc4907476df776439c9c9bc2ce21e95e375ef223d9df44f0e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4593 Cache-Control: max-age=101526 Date: Sat, 26 Nov 2022 23:47:06 GMT Etag: "63817d1f-1d7" Expires: Mon, 28 Nov 2022 03:59:12 GMT Last-Modified: Sat, 26 Nov 2022 02:42:39 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ae452333438465bef0a71a80768855a0 Sha1: dae89646a66487e12b6dba40b7796c4b608506bd Sha256: dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:06 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e922b25acaba2d7f8921ebe973a4b261 Sha1: 5dd4c237c84a652cbcf3db163529f3788ceafc46 Sha256: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1 Host: lh3.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1x (...) FQDN: lh3.google.com IP: 142.250.74.142 HASH: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb 142.250.74.142 HTTP/2 302 Found content-type: text/html; charset=UTF-8 location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en cache-control: private vary: Origin access-control-allow-origin: * timing-allow-origin: * x-content-type-options: nosniff date: Sat, 26 Nov 2022 23:47:06 GMT server: fife content-length: 337 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators Size: 337 Md5: 66a43eafe19fd2e9782007272dd06ced Sha1: 9d5112f8b4482ef224d10b0d0a17bfaf053e8e23 Sha256: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
GET /v14.0/plugins/like.php HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.facebook.com/v14.0/plugins/like.php FQDN: www.facebook.com IP: 31.13.72.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 31.13.72.36 HTTP/2 200 OK content-type: text/html;charset=utf-8 pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} cross-origin-opener-policy: same-origin-allow-popups x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: AICWsK/OYCzyxBb3CKhIjiw4CgcZuALbUWObCM5t8dPFGFKhSKPuLdUzsPWwzaA7s2gGdHSovsVVYlWWFPsQ/Q== content-length: 0 date: Sat, 26 Nov 2022 23:47:06 GMT priority: u=3,i alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/DAAA/favicon-150x150.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/favicon-150x150.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 860e7731ef9de2da986b81c5a9c18d4695264ea58a03967601a1865827c19bfb 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:06 GMT content-length: 3559 last-modified: Mon, 20 Jul 2020 07:12:48 GMT etag: "5f1543f0-de7" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Size: 3559 Md5: 86f9929824fc0d3b444b16a1ba4df0b9 Sha1: 821aaf3136d30d89d6585ddb149a30a905c76f03 Sha256: 860e7731ef9de2da986b81c5a9c18d4695264ea58a03967601a1865827c19bfb
GET /static/DAAA/favicon-16x16.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/favicon-16x16.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 39b75cd90731e0f783ce97be98150f8ca304d2569edb8e95f23783b06fe26b5c 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:06 GMT content-length: 1129 last-modified: Mon, 20 Jul 2020 07:14:44 GMT etag: "5f154464-469" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 1129 Md5: be401ad33728dd542f660a0ddd657a64 Sha1: 49b008b667dc9dd34ecab799199e5d7a1e9b0764 Sha256: 39b75cd90731e0f783ce97be98150f8ca304d2569edb8e95f23783b06fe26b5c
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4593 Cache-Control: max-age=101526 Date: Sat, 26 Nov 2022 23:47:06 GMT Etag: "63817d1f-1d7" Expires: Mon, 28 Nov 2022 03:59:12 GMT Last-Modified: Sat, 26 Nov 2022 02:42:39 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ae452333438465bef0a71a80768855a0 Sha1: dae89646a66487e12b6dba40b7796c4b608506bd Sha256: dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 60e7c3efee2b4d2fb45d7ddeaee81b3dcd379b3cad9774f51402f09e1dcf9cfc 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:06 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: e99fcdc3ed7523948d56cbe1c943fcf3 Sha1: 4b8a3c27fa51771c288a392441d678321d7a3717 Sha256: 60e7c3efee2b4d2fb45d7ddeaee81b3dcd379b3cad9774f51402f09e1dcf9cfc
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:06 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e922b25acaba2d7f8921ebe973a4b261 Sha1: 5dd4c237c84a652cbcf3db163529f3788ceafc46 Sha256: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: accounts.google.com/ServiceLogin?continue=https://lh3.g (...) FQDN: accounts.google.com IP: 216.58.207.237 HASH: c9d2c57858231041a2e54594acd54eb9088a29b8c720d8ed747879f1804003a3 216.58.207.237 HTTP/2 302 Found content-type: text/html; charset=UTF-8 x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sat, 26 Nov 2022 23:47:06 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S-905400858%3A1669506426591856&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtEzRiax1llcU-mgBsCDzl-GFPQq8LACY_S4KaPhg3zctTVXiQXLXREzE2xLVtTr97IGTkqYA strict-transport-security: max-age=31536000; includeSubDomains report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-85hRQe1zfddpe51SU7ZTDg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 412 server: GSE set-cookie: __Host-GAPS=1:oM1Gpq9KmUTroZ86rF84O5Xt6PLnRw:Bl5iyqDh2smeZWE4;Path=/;Expires=Mon, 25-Nov-2024 23:47:06 GMT;Secure;HttpOnly;Priority=HIGH alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (386) Size: 412 Md5: 79571a6c3d44ebdc34623d598c45bb9b Sha1: e7a2f2b0825c5fd514b15e34b97fb73f21ccf620 Sha256: c9d2c57858231041a2e54594acd54eb9088a29b8c720d8ed747879f1804003a3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 57d879e15e893b379fbd2ce4f9b740604f4fda82b7b5e8ee6b5907d8cc40d2b6 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "57D879E15E893B379FBD2CE4F9B740604F4FDA82B7B5E8EE6B5907D8CC40D2B6" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4875 Expires: Sun, 27 Nov 2022 01:08:21 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 255cd02e4a2b2d72640a992ef18ac91d Sha1: b654ea68e4c635c0a66e02ba8ce2820ad1e259ea Sha256: 57d879e15e893b379fbd2ce4f9b740604f4fda82b7b5e8ee6b5907d8cc40d2b6
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: ae776b176418187b5000b607e1163d18ffbd78ebf59ffb0c1ee4060117d8e471 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5894 Cache-Control: max-age=164042 Date: Sat, 26 Nov 2022 23:47:06 GMT Etag: "63826c3e-139" Expires: Mon, 28 Nov 2022 21:21:08 GMT Last-Modified: Sat, 26 Nov 2022 19:42:54 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 313 --- Additional Info --- Magic: data Size: 313 Md5: ad9e4133686b42ec09fded55a3f50355 Sha1: bb1e135c7bbb8a234b40b3e7d9de316b1c174e8b Sha256: ae776b176418187b5000b607e1163d18ffbd78ebf59ffb0c1ee4060117d8e471
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pornhub.com/video/manage?o=mr&t=pr2 FQDN: pornhub.com IP: 66.254.114.41 HASH: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691 66.254.114.41 HTTP/2 301 Moved Permanently content-type: text/html server: openresty date: Sat, 26 Nov 2022 23:47:06 GMT content-length: 166 location: https://www.pornhub.com/video/manage?o=mr&t=pr2 x-frame-options: SAMEORIGIN rating: RTA-5042-1996-1400-1577-RTA set-cookie: __s=6382A57A-42FE722901BB1F65-46BBE36; Secure; Samesite=None __l=6382A57A-42FE722901BB1F65-46BBE36; Secure; Samesite=None; Max-Age=31556926 strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6382A57A-42FE722901BB1F65-46BBE36 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 166 Md5: 3ea1c8d079b38532a6e01a96216ba5e2 Sha1: 598d3ff91d3e252f1e13df8cf0348b270ff2da3f Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /user/security/1111 HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/user/security/1111 FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 66.254.114.33 HTTP/1.1 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 23:47:06 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 23:47:06 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Sat, 03-Dec-2022 23:47:06 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly bs=qwns1d8kou7ezalqp61asumbb8as8rs8; expires=Tue, 23-Nov-2032 23:47:06 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None ss=967698682772649201; expires=Sun, 26-Nov-2023 23:47:06 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1026 location: https://www.pornhubpremium.com/premium/login?redirect=ZdclL1XsZty8o5GdoS8tCUDkWJPAZcDWAdTXnNI1vzE6WIBoEdYXr6z8xr4XbKC6 x-frame-options: SAMEORIGIN vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6382A57A-42FE722101BBDF7E-43FF90B --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /premium/login?redirect=ZdclL1XsZty8o5GdoS8tCUDkWJPAZcDWAdTXnNI1vzE6WIBoEdYXr6z8xr4XbKC6 HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=qwns1d8kou7ezalqp61asumbb8as8rs8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/premium/login?redirect=ZdclL1XsZ (...) FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: a63169a6268077f9e2cf4f0206990cf813e5ca90c6bbe0556423662d60b2b060 66.254.114.33 HTTP/1.1 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 23:47:06 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 23:47:06 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Sat, 03-Dec-2022 23:47:06 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly ss=859175991362288937; expires=Sun, 26-Nov-2023 23:47:06 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly fg_0d2ec4cbd943df07ec161982a603817e=40844.100000; expires=Mon, 26-Dec-2022 23:47:06 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Mon, 26-Dec-2022 23:47:06 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6382A57A-42FE722101BBDF7E-43FF981 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404) Size: 7794 Md5: b5fd0df82fc6d9c56dc9dd552ff1fd53 Sha1: 2ab567c26dd2e9d9411d1cfd3a6ed444c831ec69 Sha256: a63169a6268077f9e2cf4f0206990cf813e5ca90c6bbe0556423662d60b2b060
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:06 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 07:48:04 GMT Expires: Sat, 03 Dec 2022 07:48:03 GMT Etag: "f66d108422d188602530372875d7beac8327ef5e" Cache-Control: max-age=546656,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 770681df0a72b4e8-OSL --- Additional Info --- Magic: data Size: 471 Md5: 00eea5bdd305068f54a53a0311504c7f Sha1: f66d108422d188602530372875d7beac8327ef5e Sha256: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8
GET /favorite/90902157/mk_1123 HTTP/1.1 Host: www.xvideos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.xvideos.com/favorite/90902157/mk_1123 FQDN: www.xvideos.com IP: 185.88.181.8 HASH: 9ea6cfd16691696965fddf0b67d953ede88a78d3045dc51c6f29056750a220ed 185.88.181.8 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Date: Sat, 26 Nov 2022 23:47:06 GMT P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com .trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com .addthis.com .addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ .hwcdn.net fcm.googleapis.com .nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com .googleapis.com .cdn77.org .pingdom.net .exoclick.com .exosrv.com .realsrv.com .orbsrv.com .exdynsrv.com .ackcdn.net .afcdn.net .aucdn.net .adtng.com .adglare.net adinvent.engine.adglare.net .bngpt.com bngpt.com .trafficjunky.net .ohmybutt.com .flirt4free.com .xlovecam.com .wlresources.com .medleyads.com .cams.com .acdn5165543.com .protoawe.com .google-analytics.com livejasmin.com .livejasmin.com .jsmcrptjmp.com .awemwh.com .promo-bc.com .bongacams.com .bongacash.com .gammae.com .servingmillions.com .super-route.com cdn01.flashmediaportal.com engine.asf4f.us .htdvt.com .jerkmate.com .vfgtb.com .hytxg2.com .awemdia.com .cfgr3.com .ajxx98.online .sf4f.us .adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com .smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com .bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com .xxxjmp.com .feelpornx.com .crjugate.com .hqscene.com .xlviirdr.com adulttime.xxx .adulttime.xxx .javhd.com .doppiocdn.com .videosworks.com xlivrdr.com .xlivrdr.com .servetraff.com .adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us .livejasmin.com .jsmcrptjmp.com .awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com .hwcdn.net .trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com .nk-img.com .camster.com .vscdns.com .doubleclick.net .google.fr .google.com .exoclick.com .exosrv.com .realsrv.com .exdynsrv.com .ackcdn.net .afcdn.net *.aucdn.net bmedia.justservingfiles.net; Referrer-Policy: no-referrer-when-downgrade Set-Cookie: session_token=5a0b7c31d5f643f0NhUO6kXxB7PrIsbSmQ7qpRuIpVkaGxtYTYWV5tMYDKlWGlxSda11ofx779lxfxlwTMQVQr08kdRi1t5Ign3BKWAF9DbB8jWn_GsMzeH1UPJxsiPLSF4SUPM8rzp5aXr_8nvWpyFMDyioOAtOr-0HMrAOi_aWes2RUBcUV9o3aVcpKKFzDKO65Yx42C3p07pt; expires=Mon, 26-Dec-2022 23:47:06 GMT; Max-Age=2592000; path=/; domain=.xvideos.com _ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com Transfer-Encoding: chunked Server: nginx --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8644) Size: 25865 Md5: ec610e06d25f67f668db601218ffb095 Sha1: 1b669c55dd8eda793712e33cfa2db8fafb802972 Sha256: 9ea6cfd16691696965fddf0b67d953ede88a78d3045dc51c6f29056750a220ed
GET /v3/signin/identifier?dsh=S-905400858%3A1669506426591856&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtEzRiax1llcU-mgBsCDzl-GFPQq8LACY_S4KaPhg3zctTVXiQXLXREzE2xLVtTr97IGTkqYA HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: accounts.google.com/v3/signin/identifier?dsh=S-90540085 (...) FQDN: accounts.google.com IP: 216.58.207.237 216.58.207.237 HTTP/2 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sat, 26 Nov 2022 23:47:06 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-rPQhpzXWo6O0FQbMSRCw-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= cross-origin-opener-policy-report-only: same-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /user-id?nbl=&impression=aC76OmOCpXk&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDwAA%2F10066%2Foth%3Fi%3DaC76OmOCpXk%26u%3D1879628173168256376&search=%3Fi%3DaC76OmOCpXk%26u%3D1879628173168256376&contactExists=false HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/user-id?nbl=&impression=aC76OmOCpXk&trust (...) FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:06 GMT set-cookie: userid=fb44ee94c153725757d852cfa802fb4fd68644c220e7ec3eca6bde66a901e8dda%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A376718856063%3B%7D; expires=Mon, 27-Nov-2023 20:03:46 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info ---
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/video/manage?o=mr&t=pr2 FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 23:47:06 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 23:47:06 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Sat, 03-Dec-2022 23:47:06 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure bs=3nz62p5johfax9s2t5qf9iv9o089bp2a; expires=Tue, 23-Nov-2032 23:47:06 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None ss=303189860289630953; expires=Sun, 26-Nov-2023 23:47:06 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=7008.100000; expires=Mon, 26-Dec-2022 23:47:06 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=6382A57A-42FE722901BB1F65-46BBEA2; Secure; Samesite=None __l=6382A57A-42FE722901BB1F65-46BBEA2; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1041 location: /login vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6382A57A-42FE722901BB1F65-46BBEA2 X-Firefox-Spdy: h2 --- Additional Info ---
GET /cdn/push.min.js HTTP/1.1 Host: cdnjam.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdnjam.com/cdn/push.min.js FQDN: cdnjam.com IP: 172.67.166.71 172.67.166.71 HTTP/2 200 OK content-type: application/x-javascript date: Sat, 26 Nov 2022 23:47:05 GMT content-security-policy: block-all-mixed-content etag: W/"44c9e373bc246e347c8420a2eb8f54d4" last-modified: Mon, 06 Jun 2022 20:30:35 GMT strict-transport-security: max-age=15724800; includeSubDomains vary: Origin, Accept-Encoding x-amz-request-id: 16F62D8C82243EE0 x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: max-age=14400 cf-cache-status: HIT age: 6092 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kr6EmCvSOglVcBaxXK1bJoyNIptgNOxvSVacQNXLhq5qv%2F%2FsPe%2BGfrq4nhFbwNBDPw4vj5KY3fxQDIJt5t%2B5tXL2DoI2rid1uG9doBG32SRGVXuvwUyOr1I7VJ23"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 770681d9381db4eb-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 365 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoibG9hZCIsImRhdGEiOnsicmVzcG9uc2VTdGFydCI6MTc0OCwiZG9tSW50ZXJhY3RpdmUiOjE5ODEsImRvbUNvbXBsZXRlIjoyNzM0fX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:06 GMT access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
POST /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 174 Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 172.64.138.29 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 23:47:06 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2Fe%2FrDFOFEA3PfvNJ6UdsRY4nilDRWD4jt9ZJ9K7hf4sQe1njmIjm3jh8%2FZSm2OKJC9OdhHktgK7BYevax5GTCGDRvpTTP%2Fl7ugVeHd71C33toMf6kxfDZSO8UMnPJ05hc2d"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 770681da7b2f06a2-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 581 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6eyJ0cmFmZmljV2l0aEVtYWlsQ2FzY2FkZUlkIjp0cnVlLCJyZWFsVXNlcnNDYXNjYWRlSWQiOnRydWUsIm1haW5DYXNjYWRlIjp0cnVlLCJiYWNrQ2FzY2FkZSI6dHJ1ZSwic2Vjb25kQ2xpY2tDYXNjYWRlIjp0cnVlLCJwb3BzQ2FzY2FkZSI6ZmFsc2UsInBvcHNDb3VudCI6MX0sInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vaGVyLWN1cGlkLmNvbS9Ed0FBLzEwMDY2L290aD9pPWFDNzZPbU9DcFhrJnU9MTg3OTYyODE3MzE2ODI1NjM3NiIsInNlYXJjaCI6Ij9pPWFDNzZPbU9DcFhrJnU9MTg3OTYyODE3MzE2ODI1NjM3NiIsImNvbnRhY3RFeGlzdHMiOmZhbHNlLCJldmVudCI6ImV4dHNlcyIsImRhdGEiOnsieHZpZCI6ImZhbHNlIn0sImx1aWQiOjM3NjcxODg1NjA2M30=; userid=fb44ee94c153725757d852cfa802fb4fd68644c220e7ec3eca6bde66a901e8dda%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A376718856063%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:07 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 319 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9LCJsdWlkIjozNzY3MTg4NTYwNjN9; userid=fb44ee94c153725757d852cfa802fb4fd68644c220e7ec3eca6bde66a901e8dda%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A376718856063%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:07 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 318 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaCI6ImZhbHNlIn0sImx1aWQiOjM3NjcxODg1NjA2M30=; userid=fb44ee94c153725757d852cfa802fb4fd68644c220e7ec3eca6bde66a901e8dda%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A376718856063%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:07 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing

                                        
                                            GET /agEA?usid=3raefs913dgdf&email=jwhittington@slurpmail.net&sub1=clear_main&prid=3raefs913dgdf HTTP/1.1 

                                        
                                            
Host: dateexotic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         104.21.34.109

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:03 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i54FhzQ684IvpslkwypiNS%2FcGFrszrF1XY7uIte1h6vVIU7m2TZbLzPJ8EuF5tA9VcRUV05XJdC9IzBPzaB%2BLrvJnHC%2FGDSWp0W%2BrvYrCnnwg26Ll627Tkm9b6TXCj7Mng%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770681caceed0b45-OSL 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   907

                                                Md5:    f644572248ce42c31779d65845c95277

                                                Sha1:   6963b52cff901ae5ce3eb250820dcaef46cc9388

                                                Sha256: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 1053 

                                        
                                            
Cache-Control: max-age=126098 

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:03 GMT 

                                        
                                            
Etag: "6381eaec-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 10:48:41 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT 

                                        
                                            
Server: ECS (ska/F71B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    15b59d5e62caedb4bec3ba6724906c1e

                                                Sha1:   960f801e608a56fdd11449f4face29f62cad2b21

                                                Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2415 

                                        
                                            
Expires: Sun, 27 Nov 2022 00:27:18 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:03 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    260e9998c20d831b66f1029c8f47aac9

                                                Sha1:   716d630f647c54dc69a7f9c63a6cac294b3df7f7

                                                Sha256: c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 344 

                                        
                                            
ETag: "B6CB9BD85D499F398EB8392491BA52D8916DF9586DC82B00566229D193B47E6C" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15491 

                                        
                                            
Expires: Sun, 27 Nov 2022 04:05:15 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:04 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   344

                                                Md5:    1ff100f14aadb35808b403a3fbca8bc7

                                                Sha1:   92feaf32494b1f822aab27cbb79812abb8500634

                                                Sha256: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 23:11:12 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 2152 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 344 

                                        
                                            
ETag: "B6CB9BD85D499F398EB8392491BA52D8916DF9586DC82B00566229D193B47E6C" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15491 

                                        
                                            
Expires: Sun, 27 Nov 2022 04:05:15 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:04 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   344

                                                Md5:    1ff100f14aadb35808b403a3fbca8bc7

                                                Sha1:   92feaf32494b1f822aab27cbb79812abb8500634

                                                Sha256: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c

                                        
                                            GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0zcmFlZnM5MTNkZ2RmJmVtYWlsPWp3aGl0dGluZ3RvbiU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9M3JhZWZzOTEzZGdkZiZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=99486cb194b415d5e0af0763644dc0e2 HTTP/1.1 

                                        
                                            
Host: alexatracker.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://dateexotic.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.67.204.112

                                        
                                            HTTP/2 301 Moved Permanently

                                        

                                        
                                            
date: Sat, 26 Nov 2022 23:47:04 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
location: https://www2.dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhittington%40slurpmail.net&sub1=clear_main&prid=3raefs913dgdf&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=1879628173168256376&c=2591485379 

                                        
                                            
set-cookie: trbarid=1879628173168256376;expires=Mon, 25 Nov 2024 23:47:04 GMT;secure;HttpOnly;SameSite=None;path=/ 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEx7u7KhqoQcZqHrEAQZ8LXuZI0l02wMCpyinm4qmx%2BZze7nlm49Xc%2Bxt25kQuWsJ4gGndx6RO0gahxBucm2ug%2FIUKOy2ZfBqM%2BUGWCDMXC2GWDUYwOvC4PqFU%2F3dmBVVrxu"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 770681d22e3ab4ee-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: lzfOs620qL73fa88cluoRw== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         54.189.139.67

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: 1CuoIpdYDWjSu702Bpkf21t3juQ= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:05 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    619fa0039b94697fc8a5bd24f57e8aa2

                                                Sha1:   53a366391a51d625029cc6d32fb4e8b6060990fd

                                                Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:05 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    619fa0039b94697fc8a5bd24f57e8aa2

                                                Sha1:   53a366391a51d625029cc6d32fb4e8b6060990fd

                                                Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 

                                        
                                            
Host: ajax.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.10

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" 

                                        
                                            
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 31021 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Fri, 25 Nov 2022 14:19:24 GMT 

                                        
                                            
expires: Sat, 25 Nov 2023 14:19:24 GMT 

                                        
                                            
cache-control: public, max-age=31536000, stale-while-revalidate=2592000 

                                        
                                            
last-modified: Fri, 08 May 2020 07:05:03 GMT 

                                        
                                            
age: 120461 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65451)

                                                Size:   31021

                                                Md5:    903bc7a7e510f87aa5d0201eb59a0832

                                                Sha1:   ac9aa4dd94cde1bcba9037e94087138b127e41fc

                                                Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

                                        
                                            GET /static/DAAA/css/bootstrap-reboot.min.css HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:05 GMT 

                                        
                                            
content-length: 3879 

                                        
                                            
last-modified: Mon, 20 Jul 2020 11:08:38 GMT 

                                        
                                            
etag: "5f157b36-f27" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (3498)

                                                Size:   3879

                                                Md5:    522e4ec96bebf2d79e37786091541e21

                                                Sha1:   0ba39cdcbb5c7006f2009e60c766e10e9691b734

                                                Sha256: c585678985d406d5531388daf8ac073098eefe71aa98b08e271a0a1a19e4b295

                                        
                                            GET /static/DAAA/css/styles.css HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:05 GMT 

                                        
                                            
content-length: 6183 

                                        
                                            
last-modified: Tue, 21 Jul 2020 09:17:46 GMT 

                                        
                                            
etag: "5f16b2ba-1827" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   6183

                                                Md5:    dd208b4696de6516cf66b2a6d94d75d6

                                                Sha1:   d6e6ef2262d7ca5328bcb0a5714cbc6b1643f170

                                                Sha256: 2c074c798b73baa4b93795d65dc714fb8d9a507ef9c971a4e1b2495ae31a54fa

                                        
                                            GET /7.21.1/bundle.es5.min.js HTTP/1.1 

                                        
                                            
Host: browser.sentry-cdn.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://her-cupid.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         151.101.66.217

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
expires: Thu, 23 Nov 2023 17:02:22 GMT 

                                        
                                            
last-modified: Wed, 23 Nov 2022 11:53:26 GMT 

                                        
                                            
etag: "66704d64b742c25f1edefdf90adf3f2f" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:05 GMT 

                                        
                                            
age: 283483 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
server: Fastly 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
content-length: 20162 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (62012)

                                                Size:   20162

                                                Md5:    66704d64b742c25f1edefdf90adf3f2f

                                                Sha1:   5f54e6f7e7e066f91aa129fa2a877618916aacb1

                                                Sha256: 3721238a0def27bd8523c1d7e917f469ccf2e5a8d4361755d2e02be616981050

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "69E1D926DAD1081C729915A2EEF41939B8089821A22FBE8BAE6D225A5DE009D2" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=13549 

                                        
                                            
Expires: Sun, 27 Nov 2022 03:32:54 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:05 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7de0ff68ea354885043678e59df9d787

                                                Sha1:   2916f67acc6d1bfeb2dc7815f2c460e3df07a21a

                                                Sha256: 69e1d926dad1081c729915a2eef41939b8089821a22fbe8bae6d225a5de009d2

                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://her-cupid.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.195

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 30928 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Thu, 24 Nov 2022 16:40:18 GMT 

                                        
                                            
expires: Fri, 24 Nov 2023 16:40:18 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 198407 

                                        
                                            
last-modified: Mon, 11 Jul 2022 18:57:39 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data

                                                Size:   30928

                                                Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184

                                                Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7

                                                Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

                                        
                                            POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1 HTTP/1.1 

                                        
                                            
Host: o65532.ingest.sentry.io

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://her-cupid.com/ 

                                        
                                            
Content-Type: text/plain;charset=UTF-8 

                                        
                                            
Origin: https://her-cupid.com 

                                        
                                            
Content-Length: 426 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.195.249

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
content-length: 2 

                                        
                                            
access-control-allow-origin: https://her-cupid.com 

                                        
                                            
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after 

                                        
                                            
vary: Origin 

                                        
                                            
x-envoy-upstream-service-time: 14 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   2

                                                Md5:    99914b932bd37a50b983c5e7c90ae93b

                                                Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                        
                                            GET /static/DAAA/img/set-1/small/img-5.jpg HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:05 GMT 

                                        
                                            
content-length: 6194 

                                        
                                            
last-modified: Mon, 20 Jul 2020 14:22:14 GMT 

                                        
                                            
etag: "5f15a896-1832" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x120, components 3\012- data

                                                Size:   6194

                                                Md5:    89549bd65753a0f0e1b09e6bf90ed0d5

                                                Sha1:   44ae3f09c9696ff83ab4ce4ca9bd3eaf2d62ab98

                                                Sha256: 1fcb6c12912382944541fb9eabdf46801c8459356b5c956ce05feea3de030f4f

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=11008 

                                        
                                            
Expires: Sun, 27 Nov 2022 02:50:34 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    6827d82f488045e02e40d6a2fdbae4b3

                                                Sha1:   4944139a4b08769511ffc6aa913857d88a0db7bc

                                                Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=11008 

                                        
                                            
Expires: Sun, 27 Nov 2022 02:50:34 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    6827d82f488045e02e40d6a2fdbae4b3

                                                Sha1:   4944139a4b08769511ffc6aa913857d88a0db7bc

                                                Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 4374 

                                        
                                            
x-amzn-requestid: 16fa9401-4b57-4300-9377-3a7d96de3a38 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cGB7uFWJIAMFfTg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637f16b1-3386c7b54d828c3b1393b9ce;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 24 Nov 2022 07:01:05 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: 6XMNeYqDwM9yHZf1rkBRhZ6k_iZE92MWKavu0vlQnT2jZ--tswQwWw== 

                                        
                                            
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 07:07:08 GMT 

                                        
                                            
age: 59998 

                                        
                                            
etag: "4770f56d4d9489df43f33952e4bfa84d8e46414e" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4374

                                                Md5:    514b4077fad50ba782e4bbb2c95c6852

                                                Sha1:   4770f56d4d9489df43f33952e4bfa84d8e46414e

                                                Sha256: a97ce7c911625345342731b96cf423ee36182e101e3039694a666d6508a702ef

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6859 

                                        
                                            
x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cCvYTHRroAMFR8g= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: qk03VFAQ1od0YzamiePUE8VQp9kBv_fy5gDUrVSlLGLSdn5v4JQbvw== 

                                        
                                            
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 14:28:34 GMT 

                                        
                                            
age: 33512 

                                        
                                            
etag: "26b8dd82140c0db021048e11bff65a391dc6b444" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6859

                                                Md5:    f80a9a9b55da31c98663e157dde74a19

                                                Sha1:   26b8dd82140c0db021048e11bff65a391dc6b444

                                                Sha256: 680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 4803 

                                        
                                            
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cOo4iFHoIAMF2-g= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg== 

                                        
                                            
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 21:42:14 GMT 

                                        
                                            
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc" 

                                        
                                            
age: 7492 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4803

                                                Md5:    cc0a257323f882caff067adb86d906e4

                                                Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc

                                                Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

                                        
                                            GET /static/DAAA/img/set-1/img-4.jpg HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:05 GMT 

                                        
                                            
content-length: 149540 

                                        
                                            
last-modified: Mon, 20 Jul 2020 09:46:28 GMT 

                                        
                                            
etag: "5f1567f4-24824" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 769x1350, components 3\012- data

                                                Size:   149540

                                                Md5:    2f9d13fc1501209e574e8d86ad2cbf6b

                                                Sha1:   a0521f04bf849a34a78b5c15caaa0b34e33a121b

                                                Sha256: 96b9820d312b54059b3f8e84264b6b319fb7143d67ea46d38cfebd16460cae85

                                        
                                            GET /static/DAAA/img/set-1/img-2.jpg HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:05 GMT 

                                        
                                            
content-length: 343049 

                                        
                                            
last-modified: Mon, 20 Jul 2020 09:46:28 GMT 

                                        
                                            
etag: "5f1567f4-53c09" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x1350, components 3\012- data

                                                Size:   343049

                                                Md5:    fcc7e18f8fbe4b0682cd80992bc329c5

                                                Sha1:   c637153efeb0f794364a930bc0344da1dbdb63e1

                                                Sha256: ede657e34689f40b1f0e873a58f781502f7f210d1259b5f8f983c15d49fa1047

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4593 

                                        
                                            
Cache-Control: max-age=101526 

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
Etag: "63817d1f-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 03:59:12 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 02:42:39 GMT 

                                        
                                            
Server: ECS (ska/F71B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    ae452333438465bef0a71a80768855a0

                                                Sha1:   dae89646a66487e12b6dba40b7796c4b608506bd

                                                Sha256: dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917

                                        
                                            GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1 

                                        
                                            
Host: lh3.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.142

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en 

                                        
                                            
cache-control: private 

                                        
                                            
vary: Origin 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
server: fife 

                                        
                                            
content-length: 337 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators

                                                Size:   337

                                                Md5:    66a43eafe19fd2e9782007272dd06ced

                                                Sha1:   9d5112f8b4482ef224d10b0d0a17bfaf053e8e23

                                                Sha256: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb

                                        
                                            GET /static/DAAA/favicon-150x150.png HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
content-length: 3559 

                                        
                                            
last-modified: Mon, 20 Jul 2020 07:12:48 GMT 

                                        
                                            
etag: "5f1543f0-de7" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   3559

                                                Md5:    86f9929824fc0d3b444b16a1ba4df0b9

                                                Sha1:   821aaf3136d30d89d6585ddb149a30a905c76f03

                                                Sha256: 860e7731ef9de2da986b81c5a9c18d4695264ea58a03967601a1865827c19bfb

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4593 

                                        
                                            
Cache-Control: max-age=101526 

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
Etag: "63817d1f-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 03:59:12 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 02:42:39 GMT 

                                        
                                            
Server: ECS (ska/F71B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    ae452333438465bef0a71a80768855a0

                                                Sha1:   dae89646a66487e12b6dba40b7796c4b608506bd

                                                Sha256: dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    e922b25acaba2d7f8921ebe973a4b261

                                                Sha1:   5dd4c237c84a652cbcf3db163529f3788ceafc46

                                                Sha256: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "57D879E15E893B379FBD2CE4F9B740604F4FDA82B7B5E8EE6B5907D8CC40D2B6" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4875 

                                        
                                            
Expires: Sun, 27 Nov 2022 01:08:21 GMT 

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    255cd02e4a2b2d72640a992ef18ac91d

                                                Sha1:   b654ea68e4c635c0a66e02ba8ce2820ad1e259ea

                                                Sha256: 57d879e15e893b379fbd2ce4f9b740604f4fda82b7b5e8ee6b5907d8cc40d2b6

                                        
                                            GET /video/manage?o=mr&t=pr2 HTTP/1.1 

                                        
                                            
Host: pornhub.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         66.254.114.41

                                        
                                            HTTP/2 301 Moved Permanently 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
server: openresty 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
content-length: 166 

                                        
                                            
location: https://www.pornhub.com/video/manage?o=mr&t=pr2 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
rating: RTA-5042-1996-1400-1577-RTA 

                                        
                                            
set-cookie: __s=6382A57A-42FE722901BB1F65-46BBE36; Secure; Samesite=None
__l=6382A57A-42FE722901BB1F65-46BBE36; Secure; Samesite=None; Max-Age=31556926 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubDomains; preload 

                                        
                                            
x-request-id: 6382A57A-42FE722901BB1F65-46BBE36 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   166

                                                Md5:    3ea1c8d079b38532a6e01a96216ba5e2

                                                Sha1:   598d3ff91d3e252f1e13df8cf0348b270ff2da3f

                                                Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

                                        
                                            GET /premium/login?redirect=ZdclL1XsZty8o5GdoS8tCUDkWJPAZcDWAdTXnNI1vzE6WIBoEdYXr6z8xr4XbKC6 HTTP/1.1 

                                        
                                            
Host: www.pornhubpremium.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: bs=qwns1d8kou7ezalqp61asumbb8as8rs8 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         66.254.114.33

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: openresty 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
transfer-encoding: chunked 

                                        
                                            
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 23:47:06 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Sat, 03-Dec-2022 23:47:06 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
ss=859175991362288937; expires=Sun, 26-Nov-2023 23:47:06 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
fg_0d2ec4cbd943df07ec161982a603817e=40844.100000; expires=Mon, 26-Dec-2022 23:47:06 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure
ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Mon, 26-Dec-2022 23:47:06 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
vary: User-Agent 

                                        
                                            
rating: RTA-5042-1996-1400-1577-RTA 

                                        
                                            
content-encoding: gzip 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubDomains; preload 

                                        
                                            
x-request-id: 6382A57A-42FE722101BBDF7E-43FF981 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404)

                                                Size:   7794

                                                Md5:    b5fd0df82fc6d9c56dc9dd552ff1fd53

                                                Sha1:   2ab567c26dd2e9d9411d1cfd3a6ed444c831ec69

                                                Sha256: a63169a6268077f9e2cf4f0206990cf813e5ca90c6bbe0556423662d60b2b060

                                        
                                            GET /favorite/90902157/mk_1123 HTTP/1.1 

                                        
                                            
Host: www.xvideos.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         185.88.181.8

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: text/html; charset=utf-8

                                        

                                        
                                            
Date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" 

                                        
                                            
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com *.trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com *.addthis.com *.addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ *.hwcdn.net fcm.googleapis.com *.nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com *.googleapis.com *.cdn77.org *.pingdom.net *.exoclick.com *.exosrv.com *.realsrv.com *.orbsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net *.adtng.com *.adglare.net adinvent.engine.adglare.net *.bngpt.com bngpt.com *.trafficjunky.net *.ohmybutt.com *.flirt4free.com *.xlovecam.com *.wlresources.com *.medleyads.com *.cams.com *.acdn5165543.com *.protoawe.com *.google-analytics.com livejasmin.com *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com *.promo-bc.com *.bongacams.com *.bongacash.com *.gammae.com *.servingmillions.com *.super-route.com cdn01.flashmediaportal.com engine.asf4f.us *.htdvt.com *.jerkmate.com *.vfgtb.com *.hytxg2.com *.awemdia.com *.cfgr3.com *.ajxx98.online *.sf4f.us *.adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com *.smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com *.bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com *.xxxjmp.com *.feelpornx.com *.crjugate.com *.hqscene.com *.xlviirdr.com adulttime.xxx *.adulttime.xxx *.javhd.com *.doppiocdn.com *.videosworks.com xlivrdr.com *.xlivrdr.com *.servetraff.com *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.hwcdn.net *.trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com *.vscdns.com *.doubleclick.net *.google.fr *.google.com *.exoclick.com *.exosrv.com *.realsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net bmedia.justservingfiles.net; 

                                        
                                            
Referrer-Policy: no-referrer-when-downgrade 

                                        
                                            
Set-Cookie: session_token=5a0b7c31d5f643f0NhUO6kXxB7PrIsbSmQ7qpRuIpVkaGxtYTYWV5tMYDKlWGlxSda11ofx779lxfxlwTMQVQr08kdRi1t5Ign3BKWAF9DbB8jWn_GsMzeH1UPJxsiPLSF4SUPM8rzp5aXr_8nvWpyFMDyioOAtOr-0HMrAOi_aWes2RUBcUV9o3aVcpKKFzDKO65Yx42C3p07pt; expires=Mon, 26-Dec-2022 23:47:06 GMT; Max-Age=2592000; path=/; domain=.xvideos.com
_ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Server: nginx 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8644)

                                                Size:   25865

                                                Md5:    ec610e06d25f67f668db601218ffb095

                                                Sha1:   1b669c55dd8eda793712e33cfa2db8fafb802972

                                                Sha256: 9ea6cfd16691696965fddf0b67d953ede88a78d3045dc51c6f29056750a220ed

                                        
                                            GET /user-id?nbl=&impression=aC76OmOCpXk&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDwAA%2F10066%2Foth%3Fi%3DaC76OmOCpXk%26u%3D1879628173168256376&search=%3Fi%3DaC76OmOCpXk%26u%3D1879628173168256376&contactExists=false HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
X-Requested-With: XMLHttpRequest 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=UTF-8

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
set-cookie: userid=fb44ee94c153725757d852cfa802fb4fd68644c220e7ec3eca6bde66a901e8dda%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A376718856063%3B%7D; expires=Mon, 27-Nov-2023 20:03:46 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /cdn/push.min.js HTTP/1.1 

                                        
                                            
Host: cdnjam.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.67.166.71

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/x-javascript

                                        

                                        
                                            
date: Sat, 26 Nov 2022 23:47:05 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"44c9e373bc246e347c8420a2eb8f54d4" 

                                        
                                            
last-modified: Mon, 06 Jun 2022 20:30:35 GMT 

                                        
                                            
strict-transport-security: max-age=15724800; includeSubDomains 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 16F62D8C82243EE0 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
cache-control: max-age=14400 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 6092 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kr6EmCvSOglVcBaxXK1bJoyNIptgNOxvSVacQNXLhq5qv%2F%2FsPe%2BGfrq4nhFbwNBDPw4vj5KY3fxQDIJt5t%2B5tXL2DoI2rid1uG9doBG32SRGVXuvwUyOr1I7VJ23"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 770681d9381db4eb-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            POST /get-keys HTTP/1.1 

                                        
                                            
Host: app.api-push.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Content-Length: 174 

                                        
                                            
Origin: https://her-cupid.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         172.64.138.29

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
date: Sat, 26 Nov 2022 23:47:06 GMT 

                                        
                                            
vary: Origin 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH 

                                        
                                            
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                        
                                            
strict-transport-security: max-age=15724800; includeSubDomains 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2Fe%2FrDFOFEA3PfvNJ6UdsRY4nilDRWD4jt9ZJ9K7hf4sQe1njmIjm3jh8%2FZSm2OKJC9OdhHktgK7BYevax5GTCGDRvpTTP%2Fl7ugVeHd71C33toMf6kxfDZSO8UMnPJ05hc2d"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 770681da7b2f06a2-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhittington@slurpmail.net&sub1=clear_main&prid=3raefs913dgdf
IP	104.21.34.109 ()
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-26 23:47:14 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	5
urlquery alerts	No alerts detected
Tags	None

Request	Response
GET /agEA?usid=3raefs913dgdf&email=jwhittington@slurpmail.net&sub1=clear_main&prid=3raefs913dgdf HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhittingt (...) FQDN: dateexotic.com IP: 104.21.34.109 HASH: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0 104.21.34.109 HTTP/1.1 200 OK Content-Type: text/html Date: Sat, 26 Nov 2022 23:47:03 GMT Transfer-Encoding: chunked Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i54FhzQ684IvpslkwypiNS%2FcGFrszrF1XY7uIte1h6vVIU7m2TZbLzPJ8EuF5tA9VcRUV05XJdC9IzBPzaB%2BLrvJnHC%2FGDSWp0W%2BrvYrCnnwg26Ll627Tkm9b6TXCj7Mng%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 770681caceed0b45-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 907 Md5: f644572248ce42c31779d65845c95277 Sha1: 6963b52cff901ae5ce3eb250820dcaef46cc9388 Sha256: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13502 Expires: Sun, 27 Nov 2022 03:32:05 GMT Date: Sat, 26 Nov 2022 23:47:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 150792cfc458af013998f4ef6bdf5f74 Sha1: d5179b2dcb11d06f82606bf6eb6648319998d63e Sha256: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1053 Cache-Control: max-age=126098 Date: Sat, 26 Nov 2022 23:47:03 GMT Etag: "6381eaec-1d7" Expires: Mon, 28 Nov 2022 10:48:41 GMT Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 15b59d5e62caedb4bec3ba6724906c1e Sha1: 960f801e608a56fdd11449f4face29f62cad2b21 Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 26 Nov 2022 23:19:17 GMT cache-control: public,max-age=3600 age: 1666 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: d130218d0e2841f39c99610fe1a2ab90 Sha1: 29fbe1e177ee55c7a61ae0a206afff271cf5f945 Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2415 Expires: Sun, 27 Nov 2022 00:27:18 GMT Date: Sat, 26 Nov 2022 23:47:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 260e9998c20d831b66f1029c8f47aac9 Sha1: 716d630f647c54dc69a7f9c63a6cac294b3df7f7 Sha256: c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: j/KLwwZ7iGojusnjPGIp9n0LwBxlDhP7Y/mczAbYL1EUxsOpIYiAMxswcYAJk/8qe8SqFNhnOdE= x-amz-request-id: D3WFDH5GM43K6RJY content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 26 Nov 2022 23:41:24 GMT age: 339 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /static/js/build/bd.js HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhittington@slurpmail.net&sub1=clear_main&prid=3raefs913dgdf	URL: dateexotic.com/static/js/build/bd.js FQDN: dateexotic.com IP: 104.21.34.109 HASH: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b 104.21.34.109 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Date: Sat, 26 Nov 2022 23:47:03 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Ray: 770681ccf84c0b45-OSL Age: 171527 ETag: W/"static/js/build/bd.3ad9d77bdd.js" Vary: Accept-Encoding CF-Cache-Status: HIT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3u7GRWLAK3ZQJnWKnGYPx3Jdbtj446gF2qcYaUp9VSzFqS7V5V69mjz7c0VboZk4v3eGncDHzVrNzN068EexDRS%2BQltqPXI28oZvhCPo1CsLZJbTkFY4ry5gu0hWOT6%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (8033) Size: 3571 Md5: 896fa747a8832e6a6ac72bbbcfc917f6 Sha1: 67dc40632c900a9f84280f0898b308b8a6b3e3a5 Sha256: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b Alerts: Blocklists: - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 26 Nov 2022 23:47:03 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "B6CB9BD85D499F398EB8392491BA52D8916DF9586DC82B00566229D193B47E6C" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15491 Expires: Sun, 27 Nov 2022 04:05:15 GMT Date: Sat, 26 Nov 2022 23:47:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 1ff100f14aadb35808b403a3fbca8bc7 Sha1: 92feaf32494b1f822aab27cbb79812abb8500634 Sha256: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c
GET /favicon.ico HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhittington@slurpmail.net&sub1=clear_main&prid=3raefs913dgdf	URL: dateexotic.com/favicon.ico FQDN: dateexotic.com IP: 104.21.34.109 HASH: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4 104.21.34.109 HTTP/1.1 200 OK Content-Type: image/gif Date: Sat, 26 Nov 2022 23:47:04 GMT Content-Length: 47 Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BRIIH2yCrK%2BKws%2FttN8GjBno%2BO9Ot4l0FTI3IIB8X7hlSUkzLK294mBs%2FP2ls00%2FBatSlWqzvZ7BDjsICfdsC9IabX775vG9NNxlvId1d1uKQFOmd0mbKbZycTEnzrEnA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 770681ce89640b45-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 47 Md5: 2f3ca1d38e8b18ef00c4a0eff0889cfc Sha1: 2f28ed1ccf7c08cf22491757fe20385249db162e Sha256: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 26 Nov 2022 23:11:12 GMT cache-control: public,max-age=3600 age: 2152 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3041 Cache-Control: max-age=123028 Date: Sat, 26 Nov 2022 23:47:04 GMT Etag: "6381d72b-1d7" Expires: Mon, 28 Nov 2022 09:57:32 GMT Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: d3df71aab146eefc49acb608796aab63 Sha1: 8401892995193919376dfcd798b09c8261579454 Sha256: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "B6CB9BD85D499F398EB8392491BA52D8916DF9586DC82B00566229D193B47E6C" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15491 Expires: Sun, 27 Nov 2022 04:05:15 GMT Date: Sat, 26 Nov 2022 23:47:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: 1ff100f14aadb35808b403a3fbca8bc7 Sha1: 92feaf32494b1f822aab27cbb79812abb8500634 Sha256: b6cb9bd85d499f398eb8392491ba52d8916df9586dc82b00566229d193b47e6c
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 866ec6a80d8595f98fd43fc2699fce6e20d0004a140d4559f0f4800b94013766 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:04 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 82fcb9ec0a37e60735dbf3be57d29dfc Sha1: 4146629945a536c641483e503ee22b7ff3e58b7a Sha256: 866ec6a80d8595f98fd43fc2699fce6e20d0004a140d4559f0f4800b94013766
GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0zcmFlZnM5MTNkZ2RmJmVtYWlsPWp3aGl0dGluZ3RvbiU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9M3JhZWZzOTEzZGdkZiZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=99486cb194b415d5e0af0763644dc0e2 HTTP/1.1 Host: alexatracker.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29 (...) FQDN: alexatracker.com IP: 172.67.204.112 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.67.204.112 HTTP/2 301 Moved Permanently date: Sat, 26 Nov 2022 23:47:04 GMT content-length: 0 location: https://www2.dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhittington%40slurpmail.net&sub1=clear_main&prid=3raefs913dgdf&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=1879628173168256376&c=2591485379 set-cookie: trbarid=1879628173168256376;expires=Mon, 25 Nov 2024 23:47:04 GMT;secure;HttpOnly;SameSite=None;path=/ report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEx7u7KhqoQcZqHrEAQZ8LXuZI0l02wMCpyinm4qmx%2BZze7nlm49Xc%2Bxt25kQuWsJ4gGndx6RO0gahxBucm2ug%2FIUKOy2ZfBqM%2BUGWCDMXC2GWDUYwOvC4PqFU%2F3dmBVVrxu"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 770681d22e3ab4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 866ec6a80d8595f98fd43fc2699fce6e20d0004a140d4559f0f4800b94013766 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:04 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 82fcb9ec0a37e60735dbf3be57d29dfc Sha1: 4146629945a536c641483e503ee22b7ff3e58b7a Sha256: 866ec6a80d8595f98fd43fc2699fce6e20d0004a140d4559f0f4800b94013766
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: lzfOs620qL73fa88cluoRw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.189.139.67 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.189.139.67 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 1CuoIpdYDWjSu702Bpkf21t3juQ= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 50ae671bb0e4143f8e7c04cc4378a0267717608f88818899f643175b45923614 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "50AE671BB0E4143F8E7C04CC4378A0267717608F88818899F643175B45923614" Last-Modified: Thu, 24 Nov 2022 13:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7374 Expires: Sun, 27 Nov 2022 01:49:59 GMT Date: Sat, 26 Nov 2022 23:47:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6fbcfe846f488e642e75632ecdf14f81 Sha1: 979a93f518c584e468ae7fef8f181e22a15153a1 Sha256: 50ae671bb0e4143f8e7c04cc4378a0267717608f88818899f643175b45923614
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: e5c69d237270b93e20a16eb4e652097949ba86c5150585b83a08eb904a6e1a32 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1600 Cache-Control: max-age=138134 Date: Sat, 26 Nov 2022 23:47:05 GMT Etag: "638217cf-116" Expires: Mon, 28 Nov 2022 14:09:19 GMT Last-Modified: Sat, 26 Nov 2022 13:42:39 GMT Server: ECS (amb/6B75) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: db6aab5a8ad97fcd88eb84d682718c7f Sha1: 91c5fec9c3cc47d750423b41ad587ccfabae73a1 Sha256: e5c69d237270b93e20a16eb4e652097949ba86c5150585b83a08eb904a6e1a32
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1 Host: js.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js FQDN: js.sentry-cdn.com IP: 151.101.66.217 HASH: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d 151.101.66.217 HTTP/2 200 OK content-type: text/javascript access-control-allow-origin: * cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 1; mode=block x-envoy-attempt-count: 1 x-envoy-upstream-service-time: 11 content-encoding: gzip accept-ranges: bytes date: Sat, 26 Nov 2022 23:47:05 GMT age: 23 x-served-by: getsentry-web-default-common-production-5c68b88dcb-bjxqf, cache-bma1628-BMA vary: Accept-Encoding timing-allow-origin: https://sentry.io strict-transport-security: max-age=31536000; includeSubDomains content-length: 1021 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (512) Size: 1021 Md5: 3b07f6f3625abf8ad4dafd7b821ad69e Sha1: 304bbec923fc251222f5d8bf87ff13244ac12201 Sha256: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js FQDN: ajax.googleapis.com IP: 142.250.74.10 HASH: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f 142.250.74.10 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31021 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 25 Nov 2022 14:19:24 GMT expires: Sat, 25 Nov 2023 14:19:24 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Fri, 08 May 2020 07:05:03 GMT age: 120461 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 31021 Md5: 903bc7a7e510f87aa5d0201eb59a0832 Sha1: ac9aa4dd94cde1bcba9037e94087138b127e41fc Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /css?family=Montserrat:100,400,700,900 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Montserrat:100,400,700,900 FQDN: fonts.googleapis.com IP: 142.250.74.10 HASH: 300e627500a270d5e306b8aa28e363901ece76a41866ca88109c1af05cef396c 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 26 Nov 2022 23:47:05 GMT date: Sat, 26 Nov 2022 23:47:05 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 853 Md5: acd144b7316773b2edf26451ef59379e Sha1: 41fe8a8130cf17464e1c0162bd585c47a8932def Sha256: 300e627500a270d5e306b8aa28e363901ece76a41866ca88109c1af05cef396c
GET /static/DAAA/css/bootstrap-reboot.min.css HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/css/bootstrap-reboot.min.css FQDN: her-cupid.com IP: 54.39.22.228 HASH: c585678985d406d5531388daf8ac073098eefe71aa98b08e271a0a1a19e4b295 54.39.22.228 HTTP/2 200 OK content-type: text/css server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 3879 last-modified: Mon, 20 Jul 2020 11:08:38 GMT etag: "5f157b36-f27" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (3498) Size: 3879 Md5: 522e4ec96bebf2d79e37786091541e21 Sha1: 0ba39cdcbb5c7006f2009e60c766e10e9691b734 Sha256: c585678985d406d5531388daf8ac073098eefe71aa98b08e271a0a1a19e4b295
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
GET /static/DAAA/css/styles.css HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/css/styles.css FQDN: her-cupid.com IP: 54.39.22.228 HASH: 2c074c798b73baa4b93795d65dc714fb8d9a507ef9c971a4e1b2495ae31a54fa 54.39.22.228 HTTP/2 200 OK content-type: text/css server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 6183 last-modified: Tue, 21 Jul 2020 09:17:46 GMT etag: "5f16b2ba-1827" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 6183 Md5: dd208b4696de6516cf66b2a6d94d75d6 Sha1: d6e6ef2262d7ca5328bcb0a5714cbc6b1643f170 Sha256: 2c074c798b73baa4b93795d65dc714fb8d9a507ef9c971a4e1b2495ae31a54fa
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
GET /7.21.1/bundle.es5.min.js HTTP/1.1 Host: browser.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: browser.sentry-cdn.com/7.21.1/bundle.es5.min.js FQDN: browser.sentry-cdn.com IP: 151.101.66.217 HASH: 3721238a0def27bd8523c1d7e917f469ccf2e5a8d4361755d2e02be616981050 151.101.66.217 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 cache-control: public, max-age=31536000 expires: Thu, 23 Nov 2023 17:02:22 GMT last-modified: Wed, 23 Nov 2022 11:53:26 GMT etag: "66704d64b742c25f1edefdf90adf3f2f" content-encoding: gzip accept-ranges: bytes date: Sat, 26 Nov 2022 23:47:05 GMT age: 283483 vary: Accept-Encoding access-control-allow-origin: * server: Fastly strict-transport-security: max-age=31536000; includeSubDomains content-length: 20162 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (62012) Size: 20162 Md5: 66704d64b742c25f1edefdf90adf3f2f Sha1: 5f54e6f7e7e066f91aa129fa2a877618916aacb1 Sha256: 3721238a0def27bd8523c1d7e917f469ccf2e5a8d4361755d2e02be616981050
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e9895464b828d538dc654c678c82b181 Sha1: af5791cd48761cb3f3f979b481c23e1508692823 Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 69e1d926dad1081c729915a2eef41939b8089821a22fbe8bae6d225a5de009d2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "69E1D926DAD1081C729915A2EEF41939B8089821A22FBE8BAE6D225A5DE009D2" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13549 Expires: Sun, 27 Nov 2022 03:32:54 GMT Date: Sat, 26 Nov 2022 23:47:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7de0ff68ea354885043678e59df9d787 Sha1: 2916f67acc6d1bfeb2dc7815f2c460e3df07a21a Sha256: 69e1d926dad1081c729915a2eef41939b8089821a22fbe8bae6d225a5de009d2
OPTIONS /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.64.138.29 HTTP/2 204 No Content date: Sat, 26 Nov 2022 23:47:05 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: content-type strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=att87eN0wFAEu6yxcyorCaT5uMu0A42YcHEthmoo3FWLUmAX%2FKjFnaY9%2B7V9Ru0Kv2fmuWiPDLnwyb1nG3c0iUxRGcQs5W6l9XKZz%2FpdPt87IEdrV3Ei4XbGFAO1yc44oLIA"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 770681d9faca06a2-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm45 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30928 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 16:40:18 GMT expires: Fri, 24 Nov 2023 16:40:18 GMT cache-control: public, max-age=31536000 age: 198407 last-modified: Mon, 11 Jul 2022 18:57:39 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Size: 30928 Md5: ac0d2859ea5f8fd6bcb3c305c08ec184 Sha1: 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:06 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e9895464b828d538dc654c678c82b181 Sha1: af5791cd48761cb3f3f979b481c23e1508692823 Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1 HTTP/1.1 Host: o65532.ingest.sentry.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://her-cupid.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://her-cupid.com Content-Length: 426 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: o65532.ingest.sentry.io/api/6161109/envelope/?sentry_ke (...) FQDN: o65532.ingest.sentry.io IP: 34.120.195.249 HASH: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a 34.120.195.249 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 26 Nov 2022 23:47:06 GMT content-length: 2 access-control-allow-origin: https://her-cupid.com access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after vary: Origin x-envoy-upstream-service-time: 14 strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 2 Md5: 99914b932bd37a50b983c5e7c90ae93b Sha1: bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 69e1d926dad1081c729915a2eef41939b8089821a22fbe8bae6d225a5de009d2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "69E1D926DAD1081C729915A2EEF41939B8089821A22FBE8BAE6D225A5DE009D2" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13548 Expires: Sun, 27 Nov 2022 03:32:54 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7de0ff68ea354885043678e59df9d787 Sha1: 2916f67acc6d1bfeb2dc7815f2c460e3df07a21a Sha256: 69e1d926dad1081c729915a2eef41939b8089821a22fbe8bae6d225a5de009d2
GET /static/DAAA/img/set-1/small/img-5.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/img/set-1/small/img-5.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: 1fcb6c12912382944541fb9eabdf46801c8459356b5c956ce05feea3de030f4f 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 6194 last-modified: Mon, 20 Jul 2020 14:22:14 GMT etag: "5f15a896-1832" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x120, components 3\012- data Size: 6194 Md5: 89549bd65753a0f0e1b09e6bf90ed0d5 Sha1: 44ae3f09c9696ff83ab4ce4ca9bd3eaf2d62ab98 Sha256: 1fcb6c12912382944541fb9eabdf46801c8459356b5c956ce05feea3de030f4f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11008 Expires: Sun, 27 Nov 2022 02:50:34 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11008 Expires: Sun, 27 Nov 2022 02:50:34 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11008 Expires: Sun, 27 Nov 2022 02:50:34 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11008 Expires: Sun, 27 Nov 2022 02:50:34 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4296f391f755a649897a2211f9072c69a0510e43a313674908bb0a771b12650e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10944 x-amzn-requestid: ed714e4a-0f80-4b2d-ae82-b28d617fe927 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b42xTGpSoAMF9Vw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6379d1a1-1235a4ad16a6bfee50615fbb;Sampled=0 x-amzn-remapped-date: Sun, 20 Nov 2022 07:05:05 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: UzVSiMniBPN9LTEIutLmWn7BZX7d5RWIxtH0H-RpLfIGqdIBTovGMg== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 21:54:18 GMT age: 6768 etag: "a23fd98701ac35cd8740d1f7a832118c770e20c8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10944 Md5: 5e586c141835f4ac8819c55dcb811b4d Sha1: a23fd98701ac35cd8740d1f7a832118c770e20c8 Sha256: 4296f391f755a649897a2211f9072c69a0510e43a313674908bb0a771b12650e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a97ce7c911625345342731b96cf423ee36182e101e3039694a666d6508a702ef 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4374 x-amzn-requestid: 16fa9401-4b57-4300-9377-3a7d96de3a38 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cGB7uFWJIAMFfTg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637f16b1-3386c7b54d828c3b1393b9ce;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 07:01:05 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 6XMNeYqDwM9yHZf1rkBRhZ6k_iZE92MWKavu0vlQnT2jZ--tswQwWw== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 07:07:08 GMT age: 59998 etag: "4770f56d4d9489df43f33952e4bfa84d8e46414e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4374 Md5: 514b4077fad50ba782e4bbb2c95c6852 Sha1: 4770f56d4d9489df43f33952e4bfa84d8e46414e Sha256: a97ce7c911625345342731b96cf423ee36182e101e3039694a666d6508a702ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9073 x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b8JuVHY7IAMFtRg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0 x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT x-amz-cf-pop: SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 14:36:38 GMT age: 33028 etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9073 Md5: ccb536b51f31391c89fb2abe3be6c749 Sha1: c9a5ab962bfdd174aecd4809d770f0fe305ab8e4 Sha256: b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6859 x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCvYTHRroAMFR8g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: qk03VFAQ1od0YzamiePUE8VQp9kBv_fy5gDUrVSlLGLSdn5v4JQbvw== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 14:28:34 GMT age: 33512 etag: "26b8dd82140c0db021048e11bff65a391dc6b444" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6859 Md5: f80a9a9b55da31c98663e157dde74a19 Sha1: 26b8dd82140c0db021048e11bff65a391dc6b444 Sha256: 680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5099 x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cOo4jFBvoAMFl1w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 21:42:14 GMT etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6" age: 7492 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5099 Md5: 433875a1b1fef34e45f2d8ac344c07e3 Sha1: f2129466436cbbdd58abe42a47fb7af19eba58e6 Sha256: ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4803 x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cOo4iFHoIAMF2-g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 21:42:14 GMT etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc" age: 7492 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4803 Md5: cc0a257323f882caff067adb86d906e4 Sha1: cedf2f21be7cd366bd46055b62b5513db3011dfc Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /agEA?usid=3raefs913dgdf&email=jwhittington%40slurpmail.net&sub1=clear_main&prid=3raefs913dgdf&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1 Host: www2.dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://dateexotic.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www2.dateexotic.com/agEA?usid=3raefs913dgdf&email=jwhit (...) FQDN: www2.dateexotic.com IP: 172.67.159.164 HASH: c87a1138bc669bdc48ce7894784bb45b67f5518d9c661d0dda32ab7f645a9d3c 172.67.159.164 HTTP/2 302 Found content-type: text/html; charset=UTF-8 date: Sat, 26 Nov 2022 23:47:04 GMT location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0zcmFlZnM5MTNkZ2RmJmVtYWlsPWp3aGl0dGluZ3RvbiU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9M3JhZWZzOTEzZGdkZiZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=99486cb194b415d5e0af0763644dc0e2 access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1D%2FQEkgGQEfSWHP4vbYRhwsTC3GsxBAt4fbQiyzty%2FYIeIntMJDtKpN2zpZDNxveXe9Osw4SYsAx6slFINtyC%2FdLQh3RbGOzqWipuzw1by%2B%2FXSMvErvFJJE79KlVYf6u0gtjC7F"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 770681ce2a130b4d-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: gzip compressed data, max speed, from Unix\012- data Size: 171806 Md5: 1caaa5eee8b6702ee6f584175c5b5dbd Sha1: 6860fc95b810b3a4881d434e5b730125bca0ed27 Sha256: c87a1138bc669bdc48ce7894784bb45b67f5518d9c661d0dda32ab7f645a9d3c
GET /static/DAAA/img/set-1/img-4.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/img/set-1/img-4.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: 96b9820d312b54059b3f8e84264b6b319fb7143d67ea46d38cfebd16460cae85 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 149540 last-modified: Mon, 20 Jul 2020 09:46:28 GMT etag: "5f1567f4-24824" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 769x1350, components 3\012- data Size: 149540 Md5: 2f9d13fc1501209e574e8d86ad2cbf6b Sha1: a0521f04bf849a34a78b5c15caaa0b34e33a121b Sha256: 96b9820d312b54059b3f8e84264b6b319fb7143d67ea46d38cfebd16460cae85
GET /static/DAAA/img/set-1/img-1.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/img/set-1/img-1.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: 24458c7391089dcb49003286ed6aee0ec706d4279789fefc15fda4333fba5ed4 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 290615 last-modified: Mon, 20 Jul 2020 09:46:28 GMT etag: "5f1567f4-46f37" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x1350, components 3\012- data Size: 290615 Md5: 12b1bb2135d1607fc59e4045c702da89 Sha1: c34a7a2e9bf1595ea2ee1d0c18eb428cfcd3ff4e Sha256: 24458c7391089dcb49003286ed6aee0ec706d4279789fefc15fda4333fba5ed4
GET /static/DAAA/img/set-1/img-2.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/img/set-1/img-2.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: ede657e34689f40b1f0e873a58f781502f7f210d1259b5f8f983c15d49fa1047 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 343049 last-modified: Mon, 20 Jul 2020 09:46:28 GMT etag: "5f1567f4-53c09" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x1350, components 3\012- data Size: 343049 Md5: fcc7e18f8fbe4b0682cd80992bc329c5 Sha1: c637153efeb0f794364a930bc0344da1dbdb63e1 Sha256: ede657e34689f40b1f0e873a58f781502f7f210d1259b5f8f983c15d49fa1047
GET /static/DAAA/img/set-1/img-5.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/img/set-1/img-5.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: 5753c92dd3b978dcc4907476df776439c9c9bc2ce21e95e375ef223d9df44f0e 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:05 GMT content-length: 204097 last-modified: Mon, 20 Jul 2020 09:46:28 GMT etag: "5f1567f4-31d41" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1013x1350, components 3\012- data Size: 204097 Md5: 7521e9a6aea4d17eaa1f6dc9c9eb75bf Sha1: c869ef5799e28537a238733d184e6b3707264635 Sha256: 5753c92dd3b978dcc4907476df776439c9c9bc2ce21e95e375ef223d9df44f0e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4593 Cache-Control: max-age=101526 Date: Sat, 26 Nov 2022 23:47:06 GMT Etag: "63817d1f-1d7" Expires: Mon, 28 Nov 2022 03:59:12 GMT Last-Modified: Sat, 26 Nov 2022 02:42:39 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ae452333438465bef0a71a80768855a0 Sha1: dae89646a66487e12b6dba40b7796c4b608506bd Sha256: dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:06 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e922b25acaba2d7f8921ebe973a4b261 Sha1: 5dd4c237c84a652cbcf3db163529f3788ceafc46 Sha256: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1 Host: lh3.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1x (...) FQDN: lh3.google.com IP: 142.250.74.142 HASH: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb 142.250.74.142 HTTP/2 302 Found content-type: text/html; charset=UTF-8 location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en cache-control: private vary: Origin access-control-allow-origin: * timing-allow-origin: * x-content-type-options: nosniff date: Sat, 26 Nov 2022 23:47:06 GMT server: fife content-length: 337 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators Size: 337 Md5: 66a43eafe19fd2e9782007272dd06ced Sha1: 9d5112f8b4482ef224d10b0d0a17bfaf053e8e23 Sha256: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
GET /v14.0/plugins/like.php HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.facebook.com/v14.0/plugins/like.php FQDN: www.facebook.com IP: 31.13.72.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 31.13.72.36 HTTP/2 200 OK content-type: text/html;charset=utf-8 pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} cross-origin-opener-policy: same-origin-allow-popups x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: AICWsK/OYCzyxBb3CKhIjiw4CgcZuALbUWObCM5t8dPFGFKhSKPuLdUzsPWwzaA7s2gGdHSovsVVYlWWFPsQ/Q== content-length: 0 date: Sat, 26 Nov 2022 23:47:06 GMT priority: u=3,i alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/DAAA/favicon-150x150.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/favicon-150x150.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 860e7731ef9de2da986b81c5a9c18d4695264ea58a03967601a1865827c19bfb 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:06 GMT content-length: 3559 last-modified: Mon, 20 Jul 2020 07:12:48 GMT etag: "5f1543f0-de7" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Size: 3559 Md5: 86f9929824fc0d3b444b16a1ba4df0b9 Sha1: 821aaf3136d30d89d6585ddb149a30a905c76f03 Sha256: 860e7731ef9de2da986b81c5a9c18d4695264ea58a03967601a1865827c19bfb
GET /static/DAAA/favicon-16x16.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/DAAA/favicon-16x16.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 39b75cd90731e0f783ce97be98150f8ca304d2569edb8e95f23783b06fe26b5c 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:06 GMT content-length: 1129 last-modified: Mon, 20 Jul 2020 07:14:44 GMT etag: "5f154464-469" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 1129 Md5: be401ad33728dd542f660a0ddd657a64 Sha1: 49b008b667dc9dd34ecab799199e5d7a1e9b0764 Sha256: 39b75cd90731e0f783ce97be98150f8ca304d2569edb8e95f23783b06fe26b5c
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4593 Cache-Control: max-age=101526 Date: Sat, 26 Nov 2022 23:47:06 GMT Etag: "63817d1f-1d7" Expires: Mon, 28 Nov 2022 03:59:12 GMT Last-Modified: Sat, 26 Nov 2022 02:42:39 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ae452333438465bef0a71a80768855a0 Sha1: dae89646a66487e12b6dba40b7796c4b608506bd Sha256: dc15bc4a1e175a446f69fedc8475164a75477dd7a455b044f0ca85884f873917
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 60e7c3efee2b4d2fb45d7ddeaee81b3dcd379b3cad9774f51402f09e1dcf9cfc 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:06 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: e99fcdc3ed7523948d56cbe1c943fcf3 Sha1: 4b8a3c27fa51771c288a392441d678321d7a3717 Sha256: 60e7c3efee2b4d2fb45d7ddeaee81b3dcd379b3cad9774f51402f09e1dcf9cfc
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:06 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e922b25acaba2d7f8921ebe973a4b261 Sha1: 5dd4c237c84a652cbcf3db163529f3788ceafc46 Sha256: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: accounts.google.com/ServiceLogin?continue=https://lh3.g (...) FQDN: accounts.google.com IP: 216.58.207.237 HASH: c9d2c57858231041a2e54594acd54eb9088a29b8c720d8ed747879f1804003a3 216.58.207.237 HTTP/2 302 Found content-type: text/html; charset=UTF-8 x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sat, 26 Nov 2022 23:47:06 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S-905400858%3A1669506426591856&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtEzRiax1llcU-mgBsCDzl-GFPQq8LACY_S4KaPhg3zctTVXiQXLXREzE2xLVtTr97IGTkqYA strict-transport-security: max-age=31536000; includeSubDomains report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-85hRQe1zfddpe51SU7ZTDg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 412 server: GSE set-cookie: __Host-GAPS=1:oM1Gpq9KmUTroZ86rF84O5Xt6PLnRw:Bl5iyqDh2smeZWE4;Path=/;Expires=Mon, 25-Nov-2024 23:47:06 GMT;Secure;HttpOnly;Priority=HIGH alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (386) Size: 412 Md5: 79571a6c3d44ebdc34623d598c45bb9b Sha1: e7a2f2b0825c5fd514b15e34b97fb73f21ccf620 Sha256: c9d2c57858231041a2e54594acd54eb9088a29b8c720d8ed747879f1804003a3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 57d879e15e893b379fbd2ce4f9b740604f4fda82b7b5e8ee6b5907d8cc40d2b6 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "57D879E15E893B379FBD2CE4F9B740604F4FDA82B7B5E8EE6B5907D8CC40D2B6" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4875 Expires: Sun, 27 Nov 2022 01:08:21 GMT Date: Sat, 26 Nov 2022 23:47:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 255cd02e4a2b2d72640a992ef18ac91d Sha1: b654ea68e4c635c0a66e02ba8ce2820ad1e259ea Sha256: 57d879e15e893b379fbd2ce4f9b740604f4fda82b7b5e8ee6b5907d8cc40d2b6
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: ae776b176418187b5000b607e1163d18ffbd78ebf59ffb0c1ee4060117d8e471 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5894 Cache-Control: max-age=164042 Date: Sat, 26 Nov 2022 23:47:06 GMT Etag: "63826c3e-139" Expires: Mon, 28 Nov 2022 21:21:08 GMT Last-Modified: Sat, 26 Nov 2022 19:42:54 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 313 --- Additional Info --- Magic: data Size: 313 Md5: ad9e4133686b42ec09fded55a3f50355 Sha1: bb1e135c7bbb8a234b40b3e7d9de316b1c174e8b Sha256: ae776b176418187b5000b607e1163d18ffbd78ebf59ffb0c1ee4060117d8e471
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pornhub.com/video/manage?o=mr&t=pr2 FQDN: pornhub.com IP: 66.254.114.41 HASH: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691 66.254.114.41 HTTP/2 301 Moved Permanently content-type: text/html server: openresty date: Sat, 26 Nov 2022 23:47:06 GMT content-length: 166 location: https://www.pornhub.com/video/manage?o=mr&t=pr2 x-frame-options: SAMEORIGIN rating: RTA-5042-1996-1400-1577-RTA set-cookie: __s=6382A57A-42FE722901BB1F65-46BBE36; Secure; Samesite=None __l=6382A57A-42FE722901BB1F65-46BBE36; Secure; Samesite=None; Max-Age=31556926 strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6382A57A-42FE722901BB1F65-46BBE36 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 166 Md5: 3ea1c8d079b38532a6e01a96216ba5e2 Sha1: 598d3ff91d3e252f1e13df8cf0348b270ff2da3f Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /user/security/1111 HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/user/security/1111 FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 66.254.114.33 HTTP/1.1 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 23:47:06 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 23:47:06 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Sat, 03-Dec-2022 23:47:06 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly bs=qwns1d8kou7ezalqp61asumbb8as8rs8; expires=Tue, 23-Nov-2032 23:47:06 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None ss=967698682772649201; expires=Sun, 26-Nov-2023 23:47:06 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1026 location: https://www.pornhubpremium.com/premium/login?redirect=ZdclL1XsZty8o5GdoS8tCUDkWJPAZcDWAdTXnNI1vzE6WIBoEdYXr6z8xr4XbKC6 x-frame-options: SAMEORIGIN vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6382A57A-42FE722101BBDF7E-43FF90B --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /premium/login?redirect=ZdclL1XsZty8o5GdoS8tCUDkWJPAZcDWAdTXnNI1vzE6WIBoEdYXr6z8xr4XbKC6 HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=qwns1d8kou7ezalqp61asumbb8as8rs8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/premium/login?redirect=ZdclL1XsZ (...) FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: a63169a6268077f9e2cf4f0206990cf813e5ca90c6bbe0556423662d60b2b060 66.254.114.33 HTTP/1.1 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 23:47:06 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 23:47:06 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Sat, 03-Dec-2022 23:47:06 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly ss=859175991362288937; expires=Sun, 26-Nov-2023 23:47:06 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly fg_0d2ec4cbd943df07ec161982a603817e=40844.100000; expires=Mon, 26-Dec-2022 23:47:06 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Mon, 26-Dec-2022 23:47:06 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6382A57A-42FE722101BBDF7E-43FF981 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404) Size: 7794 Md5: b5fd0df82fc6d9c56dc9dd552ff1fd53 Sha1: 2ab567c26dd2e9d9411d1cfd3a6ed444c831ec69 Sha256: a63169a6268077f9e2cf4f0206990cf813e5ca90c6bbe0556423662d60b2b060
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 23:47:06 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 07:48:04 GMT Expires: Sat, 03 Dec 2022 07:48:03 GMT Etag: "f66d108422d188602530372875d7beac8327ef5e" Cache-Control: max-age=546656,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 770681df0a72b4e8-OSL --- Additional Info --- Magic: data Size: 471 Md5: 00eea5bdd305068f54a53a0311504c7f Sha1: f66d108422d188602530372875d7beac8327ef5e Sha256: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8
GET /favorite/90902157/mk_1123 HTTP/1.1 Host: www.xvideos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.xvideos.com/favorite/90902157/mk_1123 FQDN: www.xvideos.com IP: 185.88.181.8 HASH: 9ea6cfd16691696965fddf0b67d953ede88a78d3045dc51c6f29056750a220ed 185.88.181.8 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Date: Sat, 26 Nov 2022 23:47:06 GMT P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com .trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com .addthis.com .addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ .hwcdn.net fcm.googleapis.com .nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com .googleapis.com .cdn77.org .pingdom.net .exoclick.com .exosrv.com .realsrv.com .orbsrv.com .exdynsrv.com .ackcdn.net .afcdn.net .aucdn.net .adtng.com .adglare.net adinvent.engine.adglare.net .bngpt.com bngpt.com .trafficjunky.net .ohmybutt.com .flirt4free.com .xlovecam.com .wlresources.com .medleyads.com .cams.com .acdn5165543.com .protoawe.com .google-analytics.com livejasmin.com .livejasmin.com .jsmcrptjmp.com .awemwh.com .promo-bc.com .bongacams.com .bongacash.com .gammae.com .servingmillions.com .super-route.com cdn01.flashmediaportal.com engine.asf4f.us .htdvt.com .jerkmate.com .vfgtb.com .hytxg2.com .awemdia.com .cfgr3.com .ajxx98.online .sf4f.us .adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com .smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com .bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com .xxxjmp.com .feelpornx.com .crjugate.com .hqscene.com .xlviirdr.com adulttime.xxx .adulttime.xxx .javhd.com .doppiocdn.com .videosworks.com xlivrdr.com .xlivrdr.com .servetraff.com .adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us .livejasmin.com .jsmcrptjmp.com .awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com .hwcdn.net .trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com .nk-img.com .camster.com .vscdns.com .doubleclick.net .google.fr .google.com .exoclick.com .exosrv.com .realsrv.com .exdynsrv.com .ackcdn.net .afcdn.net *.aucdn.net bmedia.justservingfiles.net; Referrer-Policy: no-referrer-when-downgrade Set-Cookie: session_token=5a0b7c31d5f643f0NhUO6kXxB7PrIsbSmQ7qpRuIpVkaGxtYTYWV5tMYDKlWGlxSda11ofx779lxfxlwTMQVQr08kdRi1t5Ign3BKWAF9DbB8jWn_GsMzeH1UPJxsiPLSF4SUPM8rzp5aXr_8nvWpyFMDyioOAtOr-0HMrAOi_aWes2RUBcUV9o3aVcpKKFzDKO65Yx42C3p07pt; expires=Mon, 26-Dec-2022 23:47:06 GMT; Max-Age=2592000; path=/; domain=.xvideos.com _ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com Transfer-Encoding: chunked Server: nginx --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8644) Size: 25865 Md5: ec610e06d25f67f668db601218ffb095 Sha1: 1b669c55dd8eda793712e33cfa2db8fafb802972 Sha256: 9ea6cfd16691696965fddf0b67d953ede88a78d3045dc51c6f29056750a220ed
GET /v3/signin/identifier?dsh=S-905400858%3A1669506426591856&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtEzRiax1llcU-mgBsCDzl-GFPQq8LACY_S4KaPhg3zctTVXiQXLXREzE2xLVtTr97IGTkqYA HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: accounts.google.com/v3/signin/identifier?dsh=S-90540085 (...) FQDN: accounts.google.com IP: 216.58.207.237 216.58.207.237 HTTP/2 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sat, 26 Nov 2022 23:47:06 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-rPQhpzXWo6O0FQbMSRCw-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= cross-origin-opener-policy-report-only: same-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /user-id?nbl=&impression=aC76OmOCpXk&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDwAA%2F10066%2Foth%3Fi%3DaC76OmOCpXk%26u%3D1879628173168256376&search=%3Fi%3DaC76OmOCpXk%26u%3D1879628173168256376&contactExists=false HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/user-id?nbl=&impression=aC76OmOCpXk&trust (...) FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:06 GMT set-cookie: userid=fb44ee94c153725757d852cfa802fb4fd68644c220e7ec3eca6bde66a901e8dda%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A376718856063%3B%7D; expires=Mon, 27-Nov-2023 20:03:46 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info ---
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/video/manage?o=mr&t=pr2 FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Sat, 26 Nov 2022 23:47:06 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sun, 27-Nov-2022 23:47:06 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Sat, 03-Dec-2022 23:47:06 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure bs=3nz62p5johfax9s2t5qf9iv9o089bp2a; expires=Tue, 23-Nov-2032 23:47:06 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None ss=303189860289630953; expires=Sun, 26-Nov-2023 23:47:06 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=7008.100000; expires=Mon, 26-Dec-2022 23:47:06 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=6382A57A-42FE722901BB1F65-46BBEA2; Secure; Samesite=None __l=6382A57A-42FE722901BB1F65-46BBEA2; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1041 location: /login vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6382A57A-42FE722901BB1F65-46BBEA2 X-Firefox-Spdy: h2 --- Additional Info ---
GET /cdn/push.min.js HTTP/1.1 Host: cdnjam.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdnjam.com/cdn/push.min.js FQDN: cdnjam.com IP: 172.67.166.71 172.67.166.71 HTTP/2 200 OK content-type: application/x-javascript date: Sat, 26 Nov 2022 23:47:05 GMT content-security-policy: block-all-mixed-content etag: W/"44c9e373bc246e347c8420a2eb8f54d4" last-modified: Mon, 06 Jun 2022 20:30:35 GMT strict-transport-security: max-age=15724800; includeSubDomains vary: Origin, Accept-Encoding x-amz-request-id: 16F62D8C82243EE0 x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: max-age=14400 cf-cache-status: HIT age: 6092 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kr6EmCvSOglVcBaxXK1bJoyNIptgNOxvSVacQNXLhq5qv%2F%2FsPe%2BGfrq4nhFbwNBDPw4vj5KY3fxQDIJt5t%2B5tXL2DoI2rid1uG9doBG32SRGVXuvwUyOr1I7VJ23"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 770681d9381db4eb-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 365 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoibG9hZCIsImRhdGEiOnsicmVzcG9uc2VTdGFydCI6MTc0OCwiZG9tSW50ZXJhY3RpdmUiOjE5ODEsImRvbUNvbXBsZXRlIjoyNzM0fX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:06 GMT access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
POST /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 174 Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 172.64.138.29 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 23:47:06 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2Fe%2FrDFOFEA3PfvNJ6UdsRY4nilDRWD4jt9ZJ9K7hf4sQe1njmIjm3jh8%2FZSm2OKJC9OdhHktgK7BYevax5GTCGDRvpTTP%2Fl7ugVeHd71C33toMf6kxfDZSO8UMnPJ05hc2d"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 770681da7b2f06a2-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 581 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6eyJ0cmFmZmljV2l0aEVtYWlsQ2FzY2FkZUlkIjp0cnVlLCJyZWFsVXNlcnNDYXNjYWRlSWQiOnRydWUsIm1haW5DYXNjYWRlIjp0cnVlLCJiYWNrQ2FzY2FkZSI6dHJ1ZSwic2Vjb25kQ2xpY2tDYXNjYWRlIjp0cnVlLCJwb3BzQ2FzY2FkZSI6ZmFsc2UsInBvcHNDb3VudCI6MX0sInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vaGVyLWN1cGlkLmNvbS9Ed0FBLzEwMDY2L290aD9pPWFDNzZPbU9DcFhrJnU9MTg3OTYyODE3MzE2ODI1NjM3NiIsInNlYXJjaCI6Ij9pPWFDNzZPbU9DcFhrJnU9MTg3OTYyODE3MzE2ODI1NjM3NiIsImNvbnRhY3RFeGlzdHMiOmZhbHNlLCJldmVudCI6ImV4dHNlcyIsImRhdGEiOnsieHZpZCI6ImZhbHNlIn0sImx1aWQiOjM3NjcxODg1NjA2M30=; userid=fb44ee94c153725757d852cfa802fb4fd68644c220e7ec3eca6bde66a901e8dda%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A376718856063%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:07 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 319 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9LCJsdWlkIjozNzY3MTg4NTYwNjN9; userid=fb44ee94c153725757d852cfa802fb4fd68644c220e7ec3eca6bde66a901e8dda%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A376718856063%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:07 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 318 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_aC76OmOCpXk=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJhQzc2T21PQ3BYayIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2Iiwic2VhcmNoIjoiP2k9YUM3Nk9tT0NwWGsmdT0xODc5NjI4MTczMTY4MjU2Mzc2IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaCI6ImZhbHNlIn0sImx1aWQiOjM3NjcxODg1NjA2M30=; userid=fb44ee94c153725757d852cfa802fb4fd68644c220e7ec3eca6bde66a901e8dda%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A376718856063%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Sat, 26 Nov 2022 23:47:07 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing

Overview

Domain Summary (29)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.34.109

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: dateexotic.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (78)

Overview

Domain Summary (29)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.34.109

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: dateexotic.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (78)

Network Intrusion Detection Systems