Overview

URLdateexotic.com/agEA?usid=1inbv1613kv3f&email=sthomas@slurpmail.net&sub1=clear_main&prid=1inbv1613kv3f
IP 104.21.34.109 ()
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-29 04:54:05 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (28)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
app.api-push.com (1) 307671 2021-12-06 12:20:56 UTC 2022-11-28 21:52:44 UTC 172.64.138.29
r3.o.lencr.org (10) 344 No data No data 23.36.76.226
lh3.google.com (1) 213 2013-06-02 21:16:56 UTC 2020-05-01 19:11:57 UTC 142.250.74.142
www.pornhub.com (2) 10781 2012-05-21 06:55:53 UTC 2020-05-05 12:49:23 UTC 66.254.114.41
dateexotic.com (3) 0 2020-10-21 10:51:18 UTC 2022-11-28 14:52:54 UTC 172.67.159.164 Unknown ranking
js.sentry-cdn.com (1) 5259 2018-07-13 11:42:06 UTC 2022-11-29 01:50:26 UTC 151.101.66.217
her-cupid.com (13) 698724 2021-08-09 12:54:36 UTC 2022-11-29 00:00:19 UTC 54.39.22.228
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:53:26 UTC 34.117.237.239
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
cdnjam.com (1) 204001 2021-02-18 07:53:51 UTC 2022-11-28 21:52:44 UTC 104.21.58.242
accounts.google.com (2) 81 2016-09-05 09:39:47 UTC 2022-11-28 21:41:03 UTC 216.58.207.237
www2.dateexotic.com (1) 0 2022-11-09 12:59:30 UTC 2022-11-28 21:25:08 UTC 172.67.159.164 Unknown ranking
ocsp.digicert.com (7) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-11-28 20:22:57 UTC 216.58.207.202
o65532.ingest.sentry.io (1) 747982 2022-06-02 01:41:52 UTC 2022-11-28 21:52:44 UTC 34.120.195.249
browser.sentry-cdn.com (1) 4393 2018-07-13 11:42:06 UTC 2022-11-28 21:43:16 UTC 151.101.66.217
e1.o.lencr.org (2) 6159 No data No data 23.36.76.226
alexatracker.com (1) 0 2020-10-28 18:44:06 UTC 2022-11-29 03:11:05 UTC 172.67.204.112 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.163.38.240
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.pornhubpremium.com (2) 142013 2014-02-24 07:26:05 UTC 2020-04-11 12:46:17 UTC 66.254.114.33
www.xvideos.com (1) 11464 2012-05-21 18:29:12 UTC 2020-03-18 14:38:47 UTC 185.88.181.2
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-28 16:39:41 UTC 142.250.74.10
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-28 23:28:37 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
pornhub.com (1) 4903 2012-05-22 01:01:29 UTC 2022-11-28 21:52:45 UTC 66.254.114.41

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-29 2 dateexotic.com/static/js/build/bd.js Phishing
2022-11-29 2 her-cupid.com/stats Phishing
2022-11-29 2 her-cupid.com/stats Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.34.109
Date UQ / IDS / BL URL IP
2023-01-23 06:31:47 +0000 0 - 0 - 1 dateexotic.com/agEA?usid=3qd0rml1bnbp8&email= (...) 104.21.34.109
2023-01-22 22:04:56 +0000 0 - 0 - 1 dateexotic.com/agEA?usid=3b0nm5a1bl9mr&email= (...) 104.21.34.109
2023-01-20 22:26:30 +0000 0 - 0 - 1 dateexotic.com/agEA?usid=3k6dgk11b80oo&email= (...) 104.21.34.109
2023-01-19 12:00:48 +0000 0 - 0 - 1 dateexotic.com/agEA?usid=mfh0gi1aufq0&email=j (...) 104.21.34.109
2023-01-19 01:20:32 +0000 0 - 0 - 1 dateexotic.com/agEA?usid=2jjcr6u1as91r&email= (...) 104.21.34.109


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-01-28 07:39:48 +0000 0 - 2 - 6 gainrulesurvey.top/finance-survey.html?z=5072 (...) 104.21.66.9
2023-01-28 07:39:47 +0000 0 - 1 - 0 cdn.discordapp.com/attachments/10668035798196 (...) 162.159.135.233
2023-01-28 07:39:35 +0000 0 - 1 - 0 ext.securybrowsenow.com/ 188.114.96.1
2023-01-28 07:39:31 +0000 0 - 2 - 2 i8n.toppresentssurvay.top/ 188.114.97.1
2023-01-28 07:39:25 +0000 0 - 0 - 5 breakablecrocodile.build067.wpsandbox.app/dhl (...) 104.22.66.134


Last 5 reports on domain: dateexotic.com
Date UQ / IDS / BL URL IP
2023-01-25 05:46:59 +0000 0 - 0 - 1 dateexotic.com/agEA?usid=2ph056j1b5lnr&email= (...) 172.67.159.164
2023-01-23 06:31:47 +0000 0 - 0 - 1 dateexotic.com/agEA?usid=3qd0rml1bnbp8&email= (...) 104.21.34.109
2023-01-22 22:04:56 +0000 0 - 0 - 1 dateexotic.com/agEA?usid=3b0nm5a1bl9mr&email= (...) 104.21.34.109
2023-01-22 17:57:37 +0000 0 - 0 - 1 dateexotic.com/agEA?usid=2p9471t1bk9i0&email= (...) 172.67.159.164
2023-01-21 10:56:18 +0000 0 - 0 - 1 dateexotic.com/agEA?usid=2rtplj01bavpv&email= (...) 172.67.159.164


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-24 22:59:28 +0000 0 - 0 - 1 her-cupid.com/DwAA/10066/hrm?i=LtKlVmPQYrI&u= (...) 54.39.22.228
2023-01-18 12:00:03 +0000 0 - 3 - 4 3rdmxia7hnyyqutest3.indomel.ga/q3bCCwDV?keywo (...) 146.190.75.35
2023-01-15 15:52:57 +0000 0 - 3 - 3 t0dwjs4fyctest3.ninfpenre.tk/TSKtBH6B?keyword (...) 146.190.75.35
2023-01-15 11:01:13 +0000 0 - 0 - 4 dateexotic.com/agEA?usid=jfkl01a8a51&email=jw (...) 104.21.34.109
2023-01-15 08:12:53 +0000 0 - 3 - 2 w57hzx72aytest3.fortteslapor.tk/TSKtBH6B?keyw (...) 146.190.75.35

JavaScript

Executed Scripts (10)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (75)


Request Response
                                        
                                            GET /agEA?usid=1inbv1613kv3f&email=sthomas@slurpmail.net&sub1=clear_main&prid=1inbv1613kv3f HTTP/1.1 
Host: dateexotic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.67.159.164
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 29 Nov 2022 04:53:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpmwEE%2Fs4oYnK2EzoQy8BtN%2F5%2FOWCD7%2BLvvy6RGojHcl6CInC0QXY%2F6tvuXmWotbEDmFMaBDgZAkQqkaHQGgQWa%2F1PvDZSdCOFrelHhuGBI4NW1dVZcAildN0N6aj6ZFNw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718be083acab505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   907
Md5:    f644572248ce42c31779d65845c95277
Sha1:   6963b52cff901ae5ce3eb250820dcaef46cc9388
Sha256: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3489
Expires: Tue, 29 Nov 2022 05:52:03 GMT
Date: Tue, 29 Nov 2022 04:53:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4089
Cache-Control: max-age=110736
Date: Tue, 29 Nov 2022 04:53:54 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:39:30 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4774
Expires: Tue, 29 Nov 2022 06:13:28 GMT
Date: Tue, 29 Nov 2022 04:53:54 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 04:19:35 GMT
cache-control: public,max-age=3600
age: 2059
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: sZ2Fjk3Yy+B14KfExB00veM+iFje1MIo5NtebnnhaPDRtUCXwIG15xOG1dFVflttgWw2DNiwAWo=
x-amz-request-id: ECB4XJD8DFH44JRW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 04:45:19 GMT
age: 515
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /static/js/build/bd.js HTTP/1.1 
Host: dateexotic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dateexotic.com/agEA?usid=1inbv1613kv3f&email=sthomas@slurpmail.net&sub1=clear_main&prid=1inbv1613kv3f

search
                                         172.67.159.164
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Tue, 29 Nov 2022 04:53:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7718be0aabddb505-OSL
Age: 10457
ETag: W/"static/js/build/bd.3ad9d77bdd.js"
Vary: Accept-Encoding
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6s09u887gARkCzxY1jebGwlMWVwFbhGir4zDDp%2BKkB2TF2LcNqjt1s4G6qVwHjxT15uoEQjwKcs6vjwUrhsOpMSfPq89Yu1NIpaUMAnERznUo8ww%2BrVTvlt%2FWe6XyMT0w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (8033)
Size:   3571
Md5:    896fa747a8832e6a6ac72bbbcfc917f6
Sha1:   67dc40632c900a9f84280f0898b308b8a6b3e3a5
Sha256: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 04:53:54 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dateexotic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dateexotic.com/agEA?usid=1inbv1613kv3f&email=sthomas@slurpmail.net&sub1=clear_main&prid=1inbv1613kv3f

search
                                         172.67.159.164
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 29 Nov 2022 04:53:55 GMT
Content-Length: 47
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrCoEyrQpPopf8qAyNXmZ8tj40E3mFrzhY%2BJpT0X6ILDkbHk5gCalmryca71mTlM%2ByvQi2p7NvjIF01%2F%2F1G8ZlJDmmpviqIh4vMuWiulwitdbrPInjZYHT9hFnJ8KMm%2BQw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7718be0c5c94b505-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   47
Md5:    2f3ca1d38e8b18ef00c4a0eff0889cfc
Sha1:   2f28ed1ccf7c08cf22491757fe20385249db162e
Sha256: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "CB8F23C5DD13BBBAE1790D52078A6D91BB554FA1DD0AFFAF57A043F9A5EE7476"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 29 Nov 2022 10:53:55 GMT
Date: Tue, 29 Nov 2022 04:53:55 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 04:08:56 GMT
cache-control: public,max-age=3600
age: 2699
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5794
Cache-Control: max-age=107374
Date: Tue, 29 Nov 2022 04:53:55 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:43:29 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "CB8F23C5DD13BBBAE1790D52078A6D91BB554FA1DD0AFFAF57A043F9A5EE7476"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 29 Nov 2022 10:53:55 GMT
Date: Tue, 29 Nov 2022 04:53:55 GMT
Connection: keep-alive

                                        
                                            POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 04:53:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xaW5idjE2MTNrdjNmJmVtYWlsPXN0aG9tYXMlNDBzbHVycG1haWwubmV0JnN1YjE9Y2xlYXJfbWFpbiZwcmlkPTFpbmJ2MTYxM2t2M2YmYmRhdGE9ZXlKa1lYUmhJanA3SW5Cc1lYUm1iM0p0SWpvaVRHbHVkWGdnZURnMlh6WTBJbjBzSW1WNGRISmhJanA3SWs1aGRtbG5ZWFJ2Y2k1d2JHRjBabTl5YlNJNld5Sk1hVzUxZUNCd2JHRjBabTl5YlNCaGJtUWdWMmx1Wkc5M2N5QjFjMlZ5SUdGblpXNTBJR1J2SUc1dmRDQnRZWFJqYUNKZGZTd2laWEp5YjNKeklqcDdJbWxtY21GdFpTSTZXeUpqWVc0bmRDQmhZMk5sYzNNZ2NISnZjR1Z5ZEhrZ1hDSmhjSEJsYm1SRGFHbHNaRndpTENCa2IyTjFiV1Z1ZEM1aWIyUjVJR2x6SUc1MWJHd2lYU3dpWTJGdWRtRnpYMk52Ym5SbGVIUWlPbHNpUm1GcGJHVmtJSFJ2SUdkbGRDQmpZVzUyWVhNZ1kyOXVkR1Y0ZENKZGZTd2lZbTkwVTJOdmNtVWlPaUl5TkNKOQ%3D%3D&h=4e542e0da82c3dbffae8a8a12aed565f HTTP/1.1 
Host: alexatracker.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dateexotic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         172.67.204.112
HTTP/2 301 Moved Permanently
                                        
date: Tue, 29 Nov 2022 04:53:55 GMT
content-length: 0
location: https://www2.dateexotic.com/agEA?usid=1inbv1613kv3f&email=sthomas%40slurpmail.net&sub1=clear_main&prid=1inbv1613kv3f&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=6678623333191618659&c=3789719422
set-cookie: trbarid=6678623333191618659;expires=Thu, 28 Nov 2024 04:53:55 GMT;secure;HttpOnly;SameSite=None;path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lH4YnCr8zrdNHiJHlvjFps7FmEhRaJK3bWoGE8sCcBBS%2B5Nt1B1mBJBlgRbi6pV3EpQqf0lWxhnepgIIJpY4Im6G%2BiEiKyDdsgh2HQt2HPzs7RsAq%2F3iBDLvMUHavcNH4r0a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718be10cea8b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 04:53:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7Rc/TO9ysg4o+AAMWD2tbQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.163.38.240
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Kfnw7q/XUu5qwCCNJcFCSzOAyF8=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B264F3E63F403D010F1661AE0498D1EC3212D45142085054A43D1D5EF7779F0E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8927
Expires: Tue, 29 Nov 2022 07:22:43 GMT
Date: Tue, 29 Nov 2022 04:53:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15562
Expires: Tue, 29 Nov 2022 09:13:19 GMT
Date: Tue, 29 Nov 2022 04:53:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15562
Expires: Tue, 29 Nov 2022 09:13:19 GMT
Date: Tue, 29 Nov 2022 04:53:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15562
Expires: Tue, 29 Nov 2022 09:13:19 GMT
Date: Tue, 29 Nov 2022 04:53:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15562
Expires: Tue, 29 Nov 2022 09:13:19 GMT
Date: Tue, 29 Nov 2022 04:53:57 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9376
x-amzn-requestid: 265257bd-0177-4e63-879b-e9f99d0d16c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTZANFW2oAMFlyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63846ecd-6767ccde3361eb593108603d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 08:18:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ntQPVFK12XqhVCMlaq0oIDx7k6e2xQdp1Y67W1nG6ayhG1XFekz5CQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 09:53:30 GMT
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
age: 68427
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9376
Md5:    cce27a1fe8c0222811a5ce0e7f89e1cb
Sha1:   28c165bac8cf68cd1b0763c311aece00672cb3a5
Sha256: 4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 5746
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4916
Md5:    83c1fedec73299637cc7dc47c48af758
Sha1:   2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10445
x-amzn-requestid: fb9fc0d4-9f2e-4fab-a259-30300aacdc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvuDGHaIAMFn_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc659-56786e9b754a48b30b5f79c7;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:06:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fkjT2irjF_lGK2IDx2nzFK13MgMQFXrtUIWv9lR9y-f6VT1bthJfyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:31:14 GMT
age: 51763
etag: "12d90c36bd455b3b859fdb761b6ed49ea9f98f80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10445
Md5:    c76e3c4cc159bda9b9e887fcd449ba51
Sha1:   12d90c36bd455b3b859fdb761b6ed49ea9f98f80
Sha256: fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d4df78-04ce-4ad8-b5a5-07c0212d3a16.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4901
x-amzn-requestid: a5ad8fee-b892-4485-9975-40e183506a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIsO3HDGIAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380272b-5827122433cb8c6d5ab7e300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 02:23:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MSxsBockYtOQ1vJwadowGgFdFGyqM2R4ax2EQTLoVPu6y0hWy1H1sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 15:12:07 GMT
age: 49310
etag: "3515adf47d25a17eec2a62d045d217cd23a0f985"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4901
Md5:    c812ff38eed34e674ee4090ffc602358
Sha1:   3515adf47d25a17eec2a62d045d217cd23a0f985
Sha256: 17847348aa28dce436e4181ec86578e154c3a700b48df9bbdb771abaa3d2ed58
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8106
x-amzn-requestid: 73d1b662-99a8-4ad7-95f9-c0b1ebf7c45a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnQEhQoAMFbLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852961-64954bc92997c9302e291381;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UO4hCMgPgR4-ld-QCKgNPrq4p1gduUSA5R4ffZmnFodBj-1_NcFLmg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:37:21 GMT
age: 26196
etag: "b703ea2cc2fcd68e60135ff77d5a5f1b93fac128"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8106
Md5:    5ab97acd46d3380fa12711c96b3c2d35
Sha1:   b703ea2cc2fcd68e60135ff77d5a5f1b93fac128
Sha256: aeeaa56714fbd157e788cd24da03d43ede527959e2563e6d7d99489753dee85f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3905
x-amzn-requestid: bf50db76-dd95-44fc-abbe-1a26a5559ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMFcYHE6IAMFmpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638182b5-50b6d010058c6cb75c05c6de;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 03:06:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qJi8Y13bwnYMJDH5WYNxMShIEZef1SYGdHsDY8_vJoPzwT0PhPr0hQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:10:04 GMT
age: 78233
etag: "3bbc44cb84a37ce6a067db4301dd81647a77c29f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3905
Md5:    06723cdab42df9b5334f540a8c7ebc60
Sha1:   3bbc44cb84a37ce6a067db4301dd81647a77c29f
Sha256: 9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 04:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1 
Host: js.sentry-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         151.101.66.217
HTTP/2 200 OK
content-type: text/javascript
                                        
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 10
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 04:53:57 GMT
age: 183
x-served-by: getsentry-web-default-common-production-546cdd455-mppqd, cache-bma1653-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1021
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (512)
Size:   1021
Md5:    3b07f6f3625abf8ad4dafd7b821ad69e
Sha1:   304bbec923fc251222f5d8bf87ff13244ac12201
Sha256: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.202
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 07:01:52 GMT
expires: Tue, 28 Nov 2023 07:01:52 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
age: 78725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   31021
Md5:    903bc7a7e510f87aa5d0201eb59a0832
Sha1:   ac9aa4dd94cde1bcba9037e94087138b127e41fc
Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
                                        
                                            GET /static/DAAA/css/bootstrap-reboot.min.css HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:57 GMT
content-length: 3879
last-modified: Mon, 20 Jul 2020 11:08:38 GMT
etag: "5f157b36-f27"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3498)
Size:   3879
Md5:    522e4ec96bebf2d79e37786091541e21
Sha1:   0ba39cdcbb5c7006f2009e60c766e10e9691b734
Sha256: c585678985d406d5531388daf8ac073098eefe71aa98b08e271a0a1a19e4b295
                                        
                                            GET /static/DAAA/css/styles.css HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:57 GMT
content-length: 6183
last-modified: Tue, 21 Jul 2020 09:17:46 GMT
etag: "5f16b2ba-1827"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   6183
Md5:    dd208b4696de6516cf66b2a6d94d75d6
Sha1:   d6e6ef2262d7ca5328bcb0a5714cbc6b1643f170
Sha256: 2c074c798b73baa4b93795d65dc714fb8d9a507ef9c971a4e1b2495ae31a54fa
                                        
                                            GET /css?family=Montserrat:100,400,700,900 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 04:53:57 GMT
date: Tue, 29 Nov 2022 04:53:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1047
Md5:    6b7ece54523b855373748944266f60c3
Sha1:   9ce5403fb486d9505ddf1dd9db74de2a9b39e8cf
Sha256: c9208c0f49d8a96725e8e7e61bd4d5fc6e7732278c0ea144d60492765ce4c554
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 04:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /7.21.1/bundle.es5.min.js HTTP/1.1 
Host: browser.sentry-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.217
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
cache-control: public, max-age=31536000
expires: Thu, 23 Nov 2023 17:02:22 GMT
last-modified: Wed, 23 Nov 2022 11:53:26 GMT
etag: "66704d64b742c25f1edefdf90adf3f2f"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 04:53:57 GMT
age: 474695
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20162
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (62012)
Size:   20162
Md5:    66704d64b742c25f1edefdf90adf3f2f
Sha1:   5f54e6f7e7e066f91aa129fa2a877618916aacb1
Sha256: 3721238a0def27bd8523c1d7e917f469ccf2e5a8d4361755d2e02be616981050
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 04:53:57 GMT
Etag: "6384bad1-117"
Server: ECS (amb/6B9F)
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2B2383F9CED9A8175201BB3FB857BAB8D68345F8FD6F046D22778133C41C9DC0"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3414
Expires: Tue, 29 Nov 2022 05:50:51 GMT
Date: Tue, 29 Nov 2022 04:53:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 04:53:57 GMT
Last-Modified: Tue, 29 Nov 2022 04:53:57 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1 HTTP/1.1 
Host: o65532.ingest.sentry.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://her-cupid.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://her-cupid.com
Content-Length: 426
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.195.249
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 04:53:57 GMT
content-length: 2
access-control-allow-origin: https://her-cupid.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2B2383F9CED9A8175201BB3FB857BAB8D68345F8FD6F046D22778133C41C9DC0"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3414
Expires: Tue, 29 Nov 2022 05:50:51 GMT
Date: Tue, 29 Nov 2022 04:53:57 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 04:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 389619
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            GET /cdn/push.min.js HTTP/1.1 
Host: cdnjam.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.58.242
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Tue, 29 Nov 2022 04:53:57 GMT
content-security-policy: block-all-mixed-content
etag: W/"44c9e373bc246e347c8420a2eb8f54d4"
last-modified: Mon, 06 Jun 2022 20:30:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F62D8C82243EE0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 1623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SE4e8q6kA29jAO5fS7Eawv1Pbe5sHDG7NwnJyI7IjFdAcMeb%2BprbSdqoOM%2BiPXax667P7nFOnsaXniuH5klAa2fi66ewEi1PgfOZ2FtjD26MEK6QqpWpcWhLWjUz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7718be1b88c41bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (36273)
Size:   11024
Md5:    57b2c7f482cdc86f2ed3d59f0ee5236a
Sha1:   6de6270ea76f0ac648ae4274bc0c0051f302aa4c
Sha256: 448b6144a61fe4e1f698a55a3700e4640dbfd174f4fd865285a207cc6ef44d64
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 04:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/DAAA/img/set-1/small/img-5.jpg HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:57 GMT
content-length: 6194
last-modified: Mon, 20 Jul 2020 14:22:14 GMT
etag: "5f15a896-1832"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x120, components 3\012- data
Size:   6194
Md5:    89549bd65753a0f0e1b09e6bf90ed0d5
Sha1:   44ae3f09c9696ff83ab4ce4ca9bd3eaf2d62ab98
Sha256: 1fcb6c12912382944541fb9eabdf46801c8459356b5c956ce05feea3de030f4f
                                        
                                            GET /static/DAAA/img/set-1/img-3.jpg HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:57 GMT
content-length: 163898
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-2803a"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 774x1360, components 3\012- data
Size:   163898
Md5:    08842d2eee4073d51613355da2bee5d1
Sha1:   35f245c4de4a835b15608ffdc5417843548d6bd8
Sha256: 9cf7c14a1f169236d006a52c39a33cfe0c3f0a871bdf0e53049dece989188ddc
                                        
                                            GET /static/DAAA/img/set-1/img-4.jpg HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:57 GMT
content-length: 149540
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-24824"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 769x1350, components 3\012- data
Size:   149540
Md5:    2f9d13fc1501209e574e8d86ad2cbf6b
Sha1:   a0521f04bf849a34a78b5c15caaa0b34e33a121b
Sha256: 96b9820d312b54059b3f8e84264b6b319fb7143d67ea46d38cfebd16460cae85
                                        
                                            GET /static/DAAA/img/set-1/img-1.jpg HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:57 GMT
content-length: 290615
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-46f37"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x1350, components 3\012- data
Size:   290615
Md5:    12b1bb2135d1607fc59e4045c702da89
Sha1:   c34a7a2e9bf1595ea2ee1d0c18eb428cfcd3ff4e
Sha256: 24458c7391089dcb49003286ed6aee0ec706d4279789fefc15fda4333fba5ed4
                                        
                                            GET /static/DAAA/img/set-1/img-5.jpg HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:57 GMT
content-length: 204097
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-31d41"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1013x1350, components 3\012- data
Size:   204097
Md5:    7521e9a6aea4d17eaa1f6dc9c9eb75bf
Sha1:   c869ef5799e28537a238733d184e6b3707264635
Sha256: 5753c92dd3b978dcc4907476df776439c9c9bc2ce21e95e375ef223d9df44f0e
                                        
                                            GET /static/DAAA/img/set-1/img-2.jpg HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:57 GMT
content-length: 343049
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-53c09"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x1350, components 3\012- data
Size:   343049
Md5:    fcc7e18f8fbe4b0682cd80992bc329c5
Sha1:   c637153efeb0f794364a930bc0344da1dbdb63e1
Sha256: ede657e34689f40b1f0e873a58f781502f7f210d1259b5f8f983c15d49fa1047
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5729
Cache-Control: max-age=115238
Date: Tue, 29 Nov 2022 04:53:58 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 12:54:36 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 04:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1 
Host: lh3.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.142
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 04:53:58 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   337
Md5:    66a43eafe19fd2e9782007272dd06ced
Sha1:   9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
Sha256: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
                                        
                                            POST /get-keys HTTP/1.1 
Host: app.api-push.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 174
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.138.29
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 29 Nov 2022 04:53:57 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1DmCOZUxjGJpbaEkgJ%2BWfWDYTRzbnaIm1uiFbXHP%2FDpeW05yT%2Bmkl3ibE6zUX%2BQWCjVqJPYBlVG3%2FZCD85v5P5NYViwi0t6L8NuOA3PlWoes3ckITehB%2BO185Q%2B%2FUk3PY3S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7718be1cae5e76a1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1940), with no line terminators
Size:   798
Md5:    b52b97526680e174c333ef573ae186f3
Sha1:   9b6ab438f58765ee216d7a5c4eeee191d7ec358b
Sha256: e36d05bc1c6c4d4e5eba2c1a9b1db525f7b8c2a88485aab44e5af076e77a23e2
                                        
                                            GET /static/DAAA/favicon-150x150.png HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_BKhxe2OFkGQ=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJCS2h4ZTJPRmtHUSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9QktoeGUyT0ZrR1EmdT02Njc4NjIzMzMzMTkxNjE4NjU5Iiwic2VhcmNoIjoiP2k9QktoeGUyT0ZrR1EmdT02Njc4NjIzMzMzMTkxNjE4NjU5IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9; userid=f7fbe0865257c5878198abde67149f626953f384495ed056cefbc177c5dddc0ba%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A837067287152%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:58 GMT
content-length: 3559
last-modified: Mon, 20 Jul 2020 07:12:48 GMT
etag: "5f1543f0-de7"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   3559
Md5:    86f9929824fc0d3b444b16a1ba4df0b9
Sha1:   821aaf3136d30d89d6585ddb149a30a905c76f03
Sha256: 860e7731ef9de2da986b81c5a9c18d4695264ea58a03967601a1865827c19bfb
                                        
                                            GET /user-id?nbl=&impression=BKhxe2OFkGQ&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDwAA%2F10066%2Foth%3Fi%3DBKhxe2OFkGQ%26u%3D6678623333191618659&search=%3Fi%3DBKhxe2OFkGQ%26u%3D6678623333191618659&contactExists=false HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: slappInfo64_BKhxe2OFkGQ=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJCS2h4ZTJPRmtHUSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9QktoeGUyT0ZrR1EmdT02Njc4NjIzMzMzMTkxNjE4NjU5Iiwic2VhcmNoIjoiP2k9QktoeGUyT0ZrR1EmdT02Njc4NjIzMzMzMTkxNjE4NjU5IiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:57 GMT
set-cookie: userid=f7fbe0865257c5878198abde67149f626953f384495ed056cefbc177c5dddc0ba%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A837067287152%3B%7D; expires=Thu, 30-Nov-2023 01:10:37 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- data
Size:   1167
Md5:    977ad4f6892e8cb0fe9d98b77d91b4c2
Sha1:   03d3d7a05a285daf0c29203096ab5cc33f9a2bfa
Sha256: 976348eef6b3fe84c81b03a22b589b32611ddbf161790ced399abd239b20d7d5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5729
Cache-Control: max-age=115238
Date: Tue, 29 Nov 2022 04:53:58 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 12:54:36 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 04:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 04:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Nov 2022 04:53:58 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S420345548%3A1669697638388810&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAs7F2GHR8ogb6BxF9dKyb-M5wSEaHj-MSas5dFaKPhF_yJHXXoV3unjUiuSgNPKZO8u2rc2KQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-DrpTufCK3f1EQtvva_5Kdw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 410
server: GSE
set-cookie: __Host-GAPS=1:jrCg4Cm_gzxU6WVWFGkKGTP420cX9g:UuqTOkQ_2ny30Qql;Path=/;Expires=Thu, 28-Nov-2024 04:53:58 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Size:   410
Md5:    e35ae7fa76db9ceba8ea26304a3d299b
Sha1:   1f59a05e78e9a34b332f4f4f0ddc88b81949e107
Sha256: 0a20b9160fc15f918f55df4c2be4812c51b26b45df503ded7e499e04408e520d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3973
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 04:53:58 GMT
Last-Modified: Tue, 29 Nov 2022 03:47:46 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FB9EA3D68FE575BE42DFE4252DDF347129DFFD7CCC9C08B869143F64357E4053"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2688
Expires: Tue, 29 Nov 2022 05:38:46 GMT
Date: Tue, 29 Nov 2022 04:53:58 GMT
Connection: keep-alive

                                        
                                            GET /video/manage?o=mr&t=pr2 HTTP/1.1 
Host: pornhub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         66.254.114.41
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: openresty
date: Tue, 29 Nov 2022 04:53:58 GMT
content-length: 166
location: https://www.pornhub.com/video/manage?o=mr&t=pr2
x-frame-options: SAMEORIGIN
rating: RTA-5042-1996-1400-1577-RTA
set-cookie: __s=63859066-42FE722901BB1F65-1A979695; Secure; Samesite=None __l=63859066-42FE722901BB1F65-1A979695; Secure; Samesite=None; Max-Age=31556926
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63859066-42FE722901BB1F65-1A979695
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   166
Md5:    3ea1c8d079b38532a6e01a96216ba5e2
Sha1:   598d3ff91d3e252f1e13df8cf0348b270ff2da3f
Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
                                        
                                            GET /user/security/1111 HTTP/1.1 
Host: www.pornhubpremium.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         66.254.114.33
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
server: openresty
date: Tue, 29 Nov 2022 04:53:58 GMT
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 04:53:58 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Tue, 06-Dec-2022 04:53:58 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly bs=12wcior3pha82k0pg40r4cae5vlngzcz; expires=Fri, 26-Nov-2032 04:53:58 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None ss=237132637185597155; expires=Wed, 29-Nov-2023 04:53:58 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1026
location: https://www.pornhubpremium.com/premium/login?redirect=7xGk-vUZ2GakiAHtqePioBuLijxRYabig_XETN_CIClxnj-XSyqARsmQCx3UoBSy
x-frame-options: SAMEORIGIN
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63859066-42FE722101BB9700-1A03F89A

                                        
                                            GET /premium/login?redirect=7xGk-vUZ2GakiAHtqePioBuLijxRYabig_XETN_CIClxnj-XSyqARsmQCx3UoBSy HTTP/1.1 
Host: www.pornhubpremium.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bs=12wcior3pha82k0pg40r4cae5vlngzcz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         66.254.114.33
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
server: openresty
date: Tue, 29 Nov 2022 04:53:58 GMT
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 04:53:58 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Tue, 06-Dec-2022 04:53:58 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly ss=257916593065817669; expires=Wed, 29-Nov-2023 04:53:58 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly fg_0d2ec4cbd943df07ec161982a603817e=77590.100000; expires=Thu, 29-Dec-2022 04:53:58 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Thu, 29-Dec-2022 04:53:58 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63859066-42FE722101BB9700-1A03F8C4


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404)
Size:   7794
Md5:    916846eb6bb9a3c06b3899bbbeba4e71
Sha1:   16035b45e57ff111dd06468683aebabb7d639ea7
Sha256: 35527b6c5f70ec060b593ff80f7988630294fa0bde4fd123ca1f88b4b925da98
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 04:53:58 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 07:48:04 GMT
Expires: Sat, 03 Dec 2022 07:48:03 GMT
Etag: "f66d108422d188602530372875d7beac8327ef5e"
Cache-Control: max-age=355444,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7718be217f95b4f1-OSL

                                        
                                            GET /favorite/90902157/mk_1123 HTTP/1.1 
Host: www.xvideos.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.88.181.2
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 29 Nov 2022 04:53:58 GMT
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com *.trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com *.addthis.com *.addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ *.hwcdn.net fcm.googleapis.com *.nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com *.googleapis.com *.cdn77.org *.pingdom.net *.exoclick.com *.exosrv.com *.realsrv.com *.orbsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net *.adtng.com *.adglare.net adinvent.engine.adglare.net *.bngpt.com bngpt.com *.trafficjunky.net *.ohmybutt.com *.flirt4free.com *.xlovecam.com *.wlresources.com *.medleyads.com *.cams.com *.acdn5165543.com *.protoawe.com *.google-analytics.com livejasmin.com *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com *.promo-bc.com *.bongacams.com *.bongacash.com *.gammae.com *.servingmillions.com *.super-route.com cdn01.flashmediaportal.com engine.asf4f.us *.htdvt.com *.jerkmate.com *.vfgtb.com *.hytxg2.com *.awemdia.com *.cfgr3.com *.ajxx98.online *.sf4f.us *.adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com *.smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com *.bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com *.xxxjmp.com *.feelpornx.com *.crjugate.com *.hqscene.com *.xlviirdr.com adulttime.xxx *.adulttime.xxx *.javhd.com *.doppiocdn.com *.videosworks.com xlivrdr.com *.xlivrdr.com *.servetraff.com *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.hwcdn.net *.trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com *.vscdns.com *.doubleclick.net *.google.fr *.google.com *.exoclick.com *.exosrv.com *.realsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net bmedia.justservingfiles.net;
Referrer-Policy: no-referrer-when-downgrade
Set-Cookie: session_token=d5bb30ab468ce85bqpZoaVvFeHwTOkd8VKOmwMz5KkkC5p2kPcmNnlnh0-HDl0KclMje385n9Nv_iWbgxVd3Z8_vpNMAolBizfKsgOxFqK5aOD3vpFgrB8NfVRq6Q3LSEeADTe8kEhv9ymM3_tqB0sRBVqO8pwkdnKp6Kh8zM-tEGRT3mQ3rYLskAWdsJmqHU3To38PsvftyCecR; expires=Thu, 29-Dec-2022 04:53:58 GMT; Max-Age=2592000; path=/; domain=.xvideos.com _ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
Transfer-Encoding: chunked
Server: nginx


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8644)
Size:   25865
Md5:    0888fdc4b724f871526eefa35e0c1031
Sha1:   809cb4a0ea66dd6ca0a4c46a998f0183cf69a805
Sha256: 3c12ec0ba63c1c09e86b8d3005a9ea7b634a886432fa85ff9f6d5b777ca95c49
                                        
                                            GET /agEA?usid=1inbv1613kv3f&email=sthomas%40slurpmail.net&sub1=clear_main&prid=1inbv1613kv3f&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1 
Host: www2.dateexotic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dateexotic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         172.67.159.164
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 04:53:55 GMT
location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xaW5idjE2MTNrdjNmJmVtYWlsPXN0aG9tYXMlNDBzbHVycG1haWwubmV0JnN1YjE9Y2xlYXJfbWFpbiZwcmlkPTFpbmJ2MTYxM2t2M2YmYmRhdGE9ZXlKa1lYUmhJanA3SW5Cc1lYUm1iM0p0SWpvaVRHbHVkWGdnZURnMlh6WTBJbjBzSW1WNGRISmhJanA3SWs1aGRtbG5ZWFJ2Y2k1d2JHRjBabTl5YlNJNld5Sk1hVzUxZUNCd2JHRjBabTl5YlNCaGJtUWdWMmx1Wkc5M2N5QjFjMlZ5SUdGblpXNTBJR1J2SUc1dmRDQnRZWFJqYUNKZGZTd2laWEp5YjNKeklqcDdJbWxtY21GdFpTSTZXeUpqWVc0bmRDQmhZMk5sYzNNZ2NISnZjR1Z5ZEhrZ1hDSmhjSEJsYm1SRGFHbHNaRndpTENCa2IyTjFiV1Z1ZEM1aWIyUjVJR2x6SUc1MWJHd2lYU3dpWTJGdWRtRnpYMk52Ym5SbGVIUWlPbHNpUm1GcGJHVmtJSFJ2SUdkbGRDQmpZVzUyWVhNZ1kyOXVkR1Y0ZENKZGZTd2lZbTkwVTJOdmNtVWlPaUl5TkNKOQ%3D%3D&h=4e542e0da82c3dbffae8a8a12aed565f
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDZF8NSPD7gQWY863JIeukTSynnz3NKHkoT7GhV1YFhxu6O2KNUg2PKSHPBSFvtkHuqmLYx5stIMhXKuWlK8OBtyK4U75%2F751UI0XAfdL9KWadWg7u2mrFFWJG4C0QlJlN1YABZg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7718be0ccee40b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /video/manage?o=mr&t=pr2 HTTP/1.1 
Host: www.pornhub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         66.254.114.41
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: openresty
date: Tue, 29 Nov 2022 04:53:58 GMT
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 04:53:58 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Tue, 06-Dec-2022 04:53:58 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure bs=sligpdlbj01uwgq0415n5ov2yvrunj0t; expires=Fri, 26-Nov-2032 04:53:58 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None ss=241695983102190425; expires=Wed, 29-Nov-2023 04:53:58 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=23562.100000; expires=Thu, 29-Dec-2022 04:53:58 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=63859066-42FE722901BB1F65-1A9796CB; Secure; Samesite=None __l=63859066-42FE722901BB1F65-1A9796CB; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1041
location: /login
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63859066-42FE722901BB1F65-1A9796CB
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /login HTTP/1.1 
Host: www.pornhub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bs=sligpdlbj01uwgq0415n5ov2yvrunj0t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         66.254.114.41
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: openresty
date: Tue, 29 Nov 2022 04:53:58 GMT
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 04:53:58 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Tue, 06-Dec-2022 04:53:58 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure ss=466031748615903643; expires=Wed, 29-Nov-2023 04:53:58 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=58440.100000; expires=Thu, 29-Dec-2022 04:53:58 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=63859066-42FE722901BB1F65-1A9796FE; Secure; Samesite=None __l=63859066-42FE722901BB1F65-1A9796FE; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63859066-42FE722901BB1F65-1A9796FE
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /stats HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 318
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_BKhxe2OFkGQ=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJCS2h4ZTJPRmtHUSIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9QktoeGUyT0ZrR1EmdT02Njc4NjIzMzMzMTkxNjE4NjU5Iiwic2VhcmNoIjoiP2k9QktoeGUyT0ZrR1EmdT02Njc4NjIzMzMzMTkxNjE4NjU5IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImx1aWQiOjgzNzA2NzI4NzE1MiwiZXZlbnQiOiJleHRzZXMiLCJkYXRhIjp7InBoIjoiZmFsc2UifX0=; userid=f7fbe0865257c5878198abde67149f626953f384495ed056cefbc177c5dddc0ba%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A837067287152%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:59 GMT
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /DwAA/10066/oth?i=BKhxe2OFkGQ&u=6678623333191618659 HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dateexotic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:57 GMT
access-control-allow-origin: *
x-cache-status: EXPIRED
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v3/signin/identifier?dsh=S420345548%3A1669697638388810&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAs7F2GHR8ogb6BxF9dKyb-M5wSEaHj-MSas5dFaKPhF_yJHXXoV3unjUiuSgNPKZO8u2rc2KQ HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Nov 2022 04:53:58 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-YD7SvAbCHqDW16IviXouKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /stats HTTP/1.1 
Host: her-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 383
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_BKhxe2OFkGQ=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJCS2h4ZTJPRmtHUSIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9QktoeGUyT0ZrR1EmdT02Njc4NjIzMzMzMTkxNjE4NjU5Iiwic2VhcmNoIjoiP2k9QktoeGUyT0ZrR1EmdT02Njc4NjIzMzMzMTkxNjE4NjU5IiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImx1aWQiOjgzNzA2NzI4NzE1MiwiZXZlbnQiOiJsb2FkIiwiZGF0YSI6eyJyZXNwb25zZVN0YXJ0IjoyMzMxLCJkb21JbnRlcmFjdGl2ZSI6MjY3NywiZG9tQ29tcGxldGUiOjMzODR9fQ==; userid=f7fbe0865257c5878198abde67149f626953f384495ed056cefbc177c5dddc0ba%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A837067287152%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.39.22.228
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 04:53:58 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing