r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13396
Expires: Fri, 11 Nov 2022 22:27:32 GMT
Date: Fri, 11 Nov 2022 18:44:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4353
Cache-Control: max-age=147584
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:16 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 11:44:00 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 11 Nov 2022 18:44:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 12
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2302
Expires: Fri, 11 Nov 2022 19:22:38 GMT
Date: Fri, 11 Nov 2022 18:44:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zuOL38/WMYdn4mr85nS0snhYxCw+yRdiiPVvIgRoaqIvHWdXMiGEKRsmJEhtKtBpBY3zep0a0dI=
x-amz-request-id: XFZJHA5ME3P1Y6YG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 11 Nov 2022 17:49:54 GMT
age: 3262
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
vq6k2zzymhtest3.coacihandce.tk/q3bCCwDV?keyword=Tim.bradley@slurpmail.net&sub1=clear&sub3=ccjn.com.co
146.190.75.35302 Found 0 B URL HTTP/1.1 vq6k2zzymhtest3.coacihandce.tk/q3bCCwDV?keyword=Tim.bradley@slurpmail.net&sub1=clear&sub3=ccjn.com.co
IP 146.190.75.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /q3bCCwDV?keyword=Tim.bradley@slurpmail.net&sub1=clear&sub3=ccjn.com.co HTTP/1.1
Host: vq6k2zzymhtest3.coacihandce.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Fri, 11 Nov 2022 18:44:16 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://dateexotic.com/agEA?usid=s8hnpa11jhhg&email=Tim.bradley%40slurpmail.net&sub1=clear_main&prid=s8hnpa11jhhg
Pragma: no-cache
Set-Cookie: _subid=s8hnpa11jhhg;Expires=Monday, 12-Dec-2022 18:44:16 GMT;Max-Age=2678400;Path=/
b15e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjExOVwiOjE2NjgxOTIyNTZ9LFwiY2FtcGFpZ25zXCI6e1wiMzJcIjoxNjY4MTkyMjU2fSxcInRpbWVcIjoxNjY4MTkyMjU2fSJ9.VG2vMe2GyEDv0CxQYYQGp8cMgyG8bFWWPJAVfKOoV0o;Expires=Monday, 23-Sep-2075 13:28:32 GMT;Max-Age=1668278656;Path=/
_token=uuid_s8hnpa11jhhg_s8hnpa11jhhg636e9800e2c001.21959505;Expires=Monday, 12-Dec-2022 18:44:16 GMT;Max-Age=2678400;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 11 Nov 2022 18:44:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97447a89259541c8e3dfda1395263885
c04c093da05c303808b8b0d601948c1bad46f32d
45c90277ffb4d8369c27df858d8a6cb8543a63f4520d0a69126cc89632997cd7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "45C90277FFB4D8369C27DF858D8A6CB8543A63F4520D0A69126CC89632997CD7"
Last-Modified: Fri, 11 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Fri, 11 Nov 2022 19:54:20 GMT
Date: Fri, 11 Nov 2022 18:44:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97447a89259541c8e3dfda1395263885
c04c093da05c303808b8b0d601948c1bad46f32d
45c90277ffb4d8369c27df858d8a6cb8543a63f4520d0a69126cc89632997cd7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "45C90277FFB4D8369C27DF858D8A6CB8543A63F4520D0A69126CC89632997CD7"
Last-Modified: Fri, 11 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Fri, 11 Nov 2022 19:54:20 GMT
Date: Fri, 11 Nov 2022 18:44:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 11 Nov 2022 17:44:48 GMT
cache-control: public,max-age=3600
age: 3569
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3639
Cache-Control: max-age=141794
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:17 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:07:31 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP 142.250.74.35:0
Hash 748c7a49e8da754a49c2ac1f135d92f2
24de4241638689ac812d4237739ee70c7f15dd95
028db1f69bc901d504a8e5a149cab67f3bc8449b24c53b2871b83d8e72df87a2
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1zOGhucGExMWpoaGcmZW1haWw9VGltLmJyYWRsZXklNDBzbHVycG1haWwubmV0JnN1YjE9Y2xlYXJfbWFpbiZwcmlkPXM4aG5wYTExamhoZyZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=cfc1ebc67a6b65f94768477323accf36
104.21.85.99301 Moved Permanently 0 B URL HTTP/2 alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1zOGhucGExMWpoaGcmZW1haWw9VGltLmJyYWRsZXklNDBzbHVycG1haWwubmV0JnN1YjE9Y2xlYXJfbWFpbiZwcmlkPXM4aG5wYTExamhoZyZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=cfc1ebc67a6b65f94768477323accf36
IP 104.21.85.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1zOGhucGExMWpoaGcmZW1haWw9VGltLmJyYWRsZXklNDBzbHVycG1haWwubmV0JnN1YjE9Y2xlYXJfbWFpbiZwcmlkPXM4aG5wYTExamhoZyZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5&h=cfc1ebc67a6b65f94768477323accf36 HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dateexotic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 11 Nov 2022 18:44:18 GMT
content-length: 0
location: https://www2.dateexotic.com/agEA?usid=s8hnpa11jhhg&email=Tim.bradley%40slurpmail.net&sub1=clear_main&prid=s8hnpa11jhhg&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=1069170438571988994&c=1094002679
set-cookie: trbarid=1069170438571988994;expires=Sun, 10 Nov 2024 18:44:18 GMT;secure;HttpOnly;SameSite=None;path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIhrVON7tQOfVI6Rlxq443HpGoLtrlOkV1L7X0KIuFb44royaWebsSqErIDX1eADMhcVgDPTQ6PGa7CQmOLpsfciRG7xLByy%2BUCxihc2lO7es2%2BhcM%2FR5OvB5QP8YJ3PBMUU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76892dac9fb20b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.191.210.155101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sCrrHVpwOfNHM0iIUDj70g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s/h+BEz856abEFQscDSjBikp4xc=
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP 142.250.74.35:0
Hash 748c7a49e8da754a49c2ac1f135d92f2
24de4241638689ac812d4237739ee70c7f15dd95
028db1f69bc901d504a8e5a149cab67f3bc8449b24c53b2871b83d8e72df87a2
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5b62f2fe3dfe264251d7b2629c9b121f
c72f3702588f45a410b268478a5b91908be13cda
9a286c5547a5877ed98eee8f678ff9405b2588605cfa71d92b2204f12411f0d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A286C5547A5877ED98EEE8F678FF9405B2588605CFA71D92B2204F12411F0D6"
Last-Modified: Wed, 09 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15091
Expires: Fri, 11 Nov 2022 22:55:49 GMT
Date: Fri, 11 Nov 2022 18:44:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3e2d4d9361b6db4411425505e34e08c3
9ee27aca0ae50e1c9c818afe65761d35e539d771
7700f00baa9bd07967f64a21cab9dc6bea6ff0a6167deac1c891c4ca55b8a2df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6279
Cache-Control: max-age=160981
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Etag: "636e5151-118"
Expires: Sun, 13 Nov 2022 15:27:20 GMT
Last-Modified: Fri, 11 Nov 2022 13:42:41 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 06d7d61a20669050493c3fd5d2b9798e
5d2d51f23582ef785072cdd0ca9ccf859b563b2d
653662665ea3298734fa313f693216a3932a64ac2903986d7415f60f97bcf27f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 06d7d61a20669050493c3fd5d2b9798e
5d2d51f23582ef785072cdd0ca9ccf859b563b2d
653662665ea3298734fa313f693216a3932a64ac2903986d7415f60f97bcf27f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3e2d4d9361b6db4411425505e34e08c3
9ee27aca0ae50e1c9c818afe65761d35e539d771
7700f00baa9bd07967f64a21cab9dc6bea6ff0a6167deac1c891c4ca55b8a2df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6279
Cache-Control: max-age=160981
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Etag: "636e5151-118"
Expires: Sun, 13 Nov 2022 15:27:20 GMT
Last-Modified: Fri, 11 Nov 2022 13:42:41 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js
151.101.2.217200 OK 1.0 kB URL HTTP/2 js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js
IP 151.101.2.217:0
File type ASCII text, with very long lines (512)
Hash f405412b99eedf3517d9d3b7e203dbe7
fa7aa0d294c2abcc13d6eb54dd382adbd4944e5d
7e88680cf1106cae6e9d86d54446f71665bd8467f978b0fb805955e1eed8859a
GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1
Host: js.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 15
content-encoding: gzip
accept-ranges: bytes
date: Fri, 11 Nov 2022 18:44:19 GMT
age: 50
x-served-by: getsentry-web-default-common-production-5b47f5d7b7-gx6bj, cache-bma1661-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1020
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.170200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 08:46:23 GMT
expires: Sat, 11 Nov 2023 08:46:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 35876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
her-cupid.com/static/DAAA/css/bootstrap-reboot.min.css
54.39.22.228200 OK 3.9 kB URL HTTP/2 her-cupid.com/static/DAAA/css/bootstrap-reboot.min.css
IP 54.39.22.228:0
File type ASCII text, with very long lines (3498)
Hash 522e4ec96bebf2d79e37786091541e21
0ba39cdcbb5c7006f2009e60c766e10e9691b734
c585678985d406d5531388daf8ac073098eefe71aa98b08e271a0a1a19e4b295
GET /static/DAAA/css/bootstrap-reboot.min.css HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: text/css
content-length: 3879
last-modified: Mon, 20 Jul 2020 11:08:38 GMT
etag: "5f157b36-f27"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/DAAA/css/styles.css
54.39.22.228200 OK 6.2 kB URL HTTP/2 her-cupid.com/static/DAAA/css/styles.css
IP 54.39.22.228:0
File type ASCII text, with CRLF line terminators
Hash dd208b4696de6516cf66b2a6d94d75d6
d6e6ef2262d7ca5328bcb0a5714cbc6b1643f170
2c074c798b73baa4b93795d65dc714fb8d9a507ef9c971a4e1b2495ae31a54fa
GET /static/DAAA/css/styles.css HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: text/css
content-length: 6183
last-modified: Tue, 21 Jul 2020 09:17:46 GMT
etag: "5f16b2ba-1827"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/DwAA/10066/oth?i=XFNkPmNumAI&u=1069170438571988994
54.39.22.228200 OK 16 kB URL HTTP/2 her-cupid.com/DwAA/10066/oth?i=XFNkPmNumAI&u=1069170438571988994
IP 54.39.22.228:0
Hash 9318146366087f58d18d9f183deaf97a
f201b434ea8d465f4dc0967aaff201bfdeb01b73
abf22ae4c03772eee31b367c493c59f6cd5755991f3788b9d7b30f16d11d1e15
GET /DwAA/10066/oth?i=XFNkPmNumAI&u=1069170438571988994 HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dateexotic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:18 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 06d7d61a20669050493c3fd5d2b9798e
5d2d51f23582ef785072cdd0ca9ccf859b563b2d
653662665ea3298734fa313f693216a3932a64ac2903986d7415f60f97bcf27f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.2.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.2.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Fri, 11 Nov 2022 18:44:19 GMT
age: 4187
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6200
Expires: Fri, 11 Nov 2022 20:27:39 GMT
Date: Fri, 11 Nov 2022 18:44:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6200
Expires: Fri, 11 Nov 2022 20:27:39 GMT
Date: Fri, 11 Nov 2022 18:44:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uHlIN1IVGCFUVl5lx5pFSux0YncseT2HQjiwFDL9eaEaBa9CdnCl8g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 04:18:29 GMT
age: 51950
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6200
Expires: Fri, 11 Nov 2022 20:27:39 GMT
Date: Fri, 11 Nov 2022 18:44:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88c9931a009690991e73c5b37a1aa085
815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0
74e70391889e4b46742033b1d5daccfec415ba2ee999e429d1013fd4a1ebc61a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8294
x-amzn-requestid: 5dab4522-fca9-4ada-ad6f-3305c9686315
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u3H7PoAMF02g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-756c150c40fe6fff3ae7a609;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FXIS1Gr_-3RUm6WPZCVcjaefD3hehHV-IwO-ieFeUqeoPAE7vajlsg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:51 GMT
etag: "815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0"
content-type: image/jpeg
age: 75448
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90a78b0f806c0c5ef5e7128cc37b2edf
7339ad7b4f37cc37cb712207a7b3a5ac9355d9dc
770a2247a0f8d6b44c61cecc8a11e9882e4dd39269e181eef52cf6816407022b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6696
x-amzn-requestid: 19f91da1-beeb-400a-b4c0-059851ca839f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ_F3doAMFr6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-2ef73e121ff2c3cf0e95b450;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GgmLFeCzBEuR8gcEDGr8nBYW4xUUkIKZi0m8_TZ5quDeLmkROXm2_g==
via: 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 07:45:28 GMT
age: 39531
etag: "7339ad7b4f37cc37cb712207a7b3a5ac9355d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e72f32944d6f03e005f7b6f3e87d8c72
5fe340bf33ac219f6a3d44810f31d0a8796c83a9
bcdcba30210d276996d0fe749bbfc69d666ae11ddfbfdb57307e4bb4d6e43d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10671
x-amzn-requestid: 1b6053eb-64ac-4c24-a750-c1b8cd69157f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJEh8GxPoAMFhPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366b472-56c6a3bc07ec89ab56d4f3bd;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 19:07:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qJeWGvC4DM_d3k66OHN2V19elou-xoSNkep1BNalBO0NtKyQtAFzNQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 03:31:46 GMT
age: 54753
etag: "5fe340bf33ac219f6a3d44810f31d0a8796c83a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f29164fb4dd64d9ce60566fbebd40f0a
96de8f2627e1103c5e6beb5d64cdbc09f97fce82
8eba6095edfed1ee1402c050727f81b8a9942625fd1c9cbb3bac4e51ee178577
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6517
x-amzn-requestid: 7884aa37-c94f-49d4-b6a4-c6bd66026d2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apxD3EeYIAMFYAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2ee5-337e8e0949f5020713fcab58;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:10:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kXRfJbLr7ErTvJIW0rjpcqxHA0zvN6XOPrszlIzXBgaJkJGWzkoyGw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 22:00:02 GMT
age: 74657
etag: "96de8f2627e1103c5e6beb5d64cdbc09f97fce82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13f7b6eea163326da8c58ae5c09efccd
e0d1ebb35a16c686eae3d31eb85ac72278459b05
13f2f428acb7806808d957a8167ab2c139a5d0f59798671465717f2b39b914a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8581
x-amzn-requestid: 385174fe-153f-448f-be5e-9ea3b5757ff9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u1EYOIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-6084a34f58df22037275e676;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MhIq0Vdxah99pPo_O7gkhrq9Nekkxld2lv0955wr0yJzcP3g6LAH8g==
via: 1.1 dfc972676b24a6d23251d4f298dfa08c.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:56 GMT
age: 75443
etag: "e0d1ebb35a16c686eae3d31eb85ac72278459b05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a69d49f69b4acf931f7a6adaac3dcb4c
d240f19a4cbf1c92da5ed4824afdfbb2a55e33a7
f88bcb43b0e5b05e32e9c49ca597cc120540661a92998be914450b439f246997
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F88BCB43B0E5B05E32E9C49CA597CC120540661A92998BE914450B439F246997"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5619
Expires: Fri, 11 Nov 2022 20:17:58 GMT
Date: Fri, 11 Nov 2022 18:44:19 GMT
Connection: keep-alive
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 16:40:18 GMT
expires: Fri, 10 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 93841
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.api-push.com/get-keys
172.64.139.29204 No Content 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.139.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 11 Nov 2022 18:44:19 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMulfUgJrfEXTdtY93VbjOHk9orYwU7qo6C7micaRUpPwjQBjaO3vCxk5u3%2BOq1fJkTG9w9ocyZMNZflgW5lz3gVQVvu1MSgAPnA7eoD9XWmiQstBXrOJ9sVdJ55gywyS7Q1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76892db4899b7443-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.19.0
34.120.195.249200 OK 2 B URL HTTP/2 o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.19.0
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.19.0 HTTP/1.1
Host: o65532.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://her-cupid.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://her-cupid.com
Content-Length: 426
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://her-cupid.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a69d49f69b4acf931f7a6adaac3dcb4c
d240f19a4cbf1c92da5ed4824afdfbb2a55e33a7
f88bcb43b0e5b05e32e9c49ca597cc120540661a92998be914450b439f246997
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F88BCB43B0E5B05E32E9C49CA597CC120540661A92998BE914450B439F246997"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5619
Expires: Fri, 11 Nov 2022 20:17:58 GMT
Date: Fri, 11 Nov 2022 18:44:19 GMT
Connection: keep-alive
her-cupid.com/static/DAAA/img/set-1/small/img-5.jpg
54.39.22.228200 OK 6.2 kB URL HTTP/2 her-cupid.com/static/DAAA/img/set-1/small/img-5.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x120, components 3\012- data
Hash 89549bd65753a0f0e1b09e6bf90ed0d5
44ae3f09c9696ff83ab4ce4ca9bd3eaf2d62ab98
1fcb6c12912382944541fb9eabdf46801c8459356b5c956ce05feea3de030f4f
GET /static/DAAA/img/set-1/small/img-5.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: image/jpeg
content-length: 6194
last-modified: Mon, 20 Jul 2020 14:22:14 GMT
etag: "5f15a896-1832"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/DAAA/img/set-1/img-3.jpg
54.39.22.228200 OK 164 kB URL HTTP/2 her-cupid.com/static/DAAA/img/set-1/img-3.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 774x1360, components 3\012- data
Size 164 kB (163898 bytes)
Hash 08842d2eee4073d51613355da2bee5d1
35f245c4de4a835b15608ffdc5417843548d6bd8
9cf7c14a1f169236d006a52c39a33cfe0c3f0a871bdf0e53049dece989188ddc
GET /static/DAAA/img/set-1/img-3.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: image/jpeg
content-length: 163898
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-2803a"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/DAAA/img/set-1/img-4.jpg
54.39.22.228200 OK 150 kB URL HTTP/2 her-cupid.com/static/DAAA/img/set-1/img-4.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 769x1350, components 3\012- data
Size 150 kB (149540 bytes)
Hash 2f9d13fc1501209e574e8d86ad2cbf6b
a0521f04bf849a34a78b5c15caaa0b34e33a121b
96b9820d312b54059b3f8e84264b6b319fb7143d67ea46d38cfebd16460cae85
GET /static/DAAA/img/set-1/img-4.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: image/jpeg
content-length: 149540
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-24824"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/DAAA/img/set-1/img-1.jpg
54.39.22.228200 OK 291 kB URL HTTP/2 her-cupid.com/static/DAAA/img/set-1/img-1.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x1350, components 3\012- data
Size 291 kB (290615 bytes)
Hash 12b1bb2135d1607fc59e4045c702da89
c34a7a2e9bf1595ea2ee1d0c18eb428cfcd3ff4e
24458c7391089dcb49003286ed6aee0ec706d4279789fefc15fda4333fba5ed4
GET /static/DAAA/img/set-1/img-1.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: image/jpeg
content-length: 290615
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-46f37"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/DAAA/img/set-1/img-5.jpg
54.39.22.228200 OK 204 kB URL HTTP/2 her-cupid.com/static/DAAA/img/set-1/img-5.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1013x1350, components 3\012- data
Size 204 kB (204097 bytes)
Hash 7521e9a6aea4d17eaa1f6dc9c9eb75bf
c869ef5799e28537a238733d184e6b3707264635
5753c92dd3b978dcc4907476df776439c9c9bc2ce21e95e375ef223d9df44f0e
GET /static/DAAA/img/set-1/img-5.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: image/jpeg
content-length: 204097
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-31d41"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
her-cupid.com/static/DAAA/img/set-1/img-2.jpg
54.39.22.228200 OK 343 kB URL HTTP/2 her-cupid.com/static/DAAA/img/set-1/img-2.jpg
IP 54.39.22.228:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x1350, components 3\012- data
Size 343 kB (343049 bytes)
Hash fcc7e18f8fbe4b0682cd80992bc329c5
c637153efeb0f794364a930bc0344da1dbdb63e1
ede657e34689f40b1f0e873a58f781502f7f210d1259b5f8f983c15d49fa1047
GET /static/DAAA/img/set-1/img-2.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: image/jpeg
content-length: 343049
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-53c09"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d84a911b820c140cf4e3da2af665b63c
fbee3b2193231404844c0ecb6e8f72d02d30e997
7f0381e9de205bbe3e0cab3e7e40afced0d58bb25b8df4715d1406c702624d14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1124
Cache-Control: max-age=118740
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Etag: "636dc073-1d7"
Expires: Sun, 13 Nov 2022 03:43:19 GMT
Last-Modified: Fri, 11 Nov 2022 03:24:35 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 05bb9af901ca5b651e88fcbe236711f5
18412da7fc2d868fc74bc3e7c44b4add4bbbdef9
9b87e90e4f5356da47fd562f7d06c8fbdef90d011e8c20e5687afbeaf6e7d29b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
her-cupid.com/stats
54.39.22.228200 OK 357 B IP 54.39.22.228:0
Hash 3b95a569e1d2a2c5688b8605da46c25e
8de7c19e20f18fb5eb41adc6674cfef8b23975d0
2f24612c82ee38ff338f69e4b8ca32c3f0084d5bcacd580223bb0f8fa5e6cefb
Analyzer Verdict Alert fortinet Phishing
POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 3241
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_XFNkPmNumAI=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJYRk5rUG1OdW1BSSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjo3OSwiZmluaXNoQ2xpY2tzQ291bnQiOjAsImxhbmRpbmdDb25maWciOm51bGwsInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vaGVyLWN1cGlkLmNvbS9Ed0FBLzEwMDY2L290aD9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsInNlYXJjaCI6Ij9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsImNvbnRhY3RFeGlzdHMiOmZhbHNlLCJldmVudCI6ImJkLWRhdGEiLCJkYXRhIjp7ImRhdGEiOnsicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQifSwibGllcyI6eyJOYXZpZ2F0b3IuYXBwQ29kZU5hbWUiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IuYXBwTmFtZSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5hcHBWZXJzaW9uIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLmJ1aWxkSUQiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IuaGFyZHdhcmVDb25jdXJyZW5jeSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5sYW5ndWFnZSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5sYW5ndWFnZXMiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IubWF4VG91Y2hQb2ludHMiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IubWltZVR5cGVzIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLm9zY3B1IjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnBsYXRmb3JtIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiLCJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdLCJOYXZpZ2F0b3IucGx1Z2lucyI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5wcm9kdWN0IjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnByb2R1Y3RTdWIiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3Iuc2VydmljZVdvcmtlciI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci51c2VyQWdlbnQiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IudmVuZG9yIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnZlbmRvclN1YiI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl19LCJlcnJvcnMiOnsiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfX19
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
her-cupid.com/static/DAAA/favicon-150x150.png
54.39.22.228200 OK 3.6 kB URL HTTP/2 her-cupid.com/static/DAAA/favicon-150x150.png
IP 54.39.22.228:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 86f9929824fc0d3b444b16a1ba4df0b9
821aaf3136d30d89d6585ddb149a30a905c76f03
860e7731ef9de2da986b81c5a9c18d4695264ea58a03967601a1865827c19bfb
GET /static/DAAA/favicon-150x150.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_XFNkPmNumAI=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJYRk5rUG1OdW1BSSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjo3OSwiZmluaXNoQ2xpY2tzQ291bnQiOjAsImxhbmRpbmdDb25maWciOm51bGwsInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vaGVyLWN1cGlkLmNvbS9Ed0FBLzEwMDY2L290aD9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsInNlYXJjaCI6Ij9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsImNvbnRhY3RFeGlzdHMiOmZhbHNlLCJldmVudCI6ImJkLWRhdGEiLCJkYXRhIjp7ImRhdGEiOnsicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQifSwibGllcyI6eyJOYXZpZ2F0b3IuYXBwQ29kZU5hbWUiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IuYXBwTmFtZSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5hcHBWZXJzaW9uIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLmJ1aWxkSUQiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IuaGFyZHdhcmVDb25jdXJyZW5jeSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5sYW5ndWFnZSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5sYW5ndWFnZXMiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IubWF4VG91Y2hQb2ludHMiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IubWltZVR5cGVzIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLm9zY3B1IjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnBsYXRmb3JtIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiLCJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdLCJOYXZpZ2F0b3IucGx1Z2lucyI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5wcm9kdWN0IjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnByb2R1Y3RTdWIiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3Iuc2VydmljZVdvcmtlciI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci51c2VyQWdlbnQiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IudmVuZG9yIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnZlbmRvclN1YiI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl19LCJlcnJvcnMiOnsiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfX19
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: image/png
content-length: 3559
last-modified: Mon, 20 Jul 2020 07:12:48 GMT
etag: "5f1543f0-de7"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.facebook.com/v14.0/plugins/like.php
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/v14.0/plugins/like.php
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v14.0/plugins/like.php HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: z8ZhYXJhZQ0R6S1lDn8SB62YfLp2uzH+oy9dX5E4vv3a4c+ZHiWDemzsdX5mbkENyXt38jjKF+Dt9gLuKF1wMQ==
content-length: 0
date: Fri, 11 Nov 2022 18:44:19 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
her-cupid.com/static/DAAA/favicon-16x16.png
54.39.22.228200 OK 1.1 kB URL HTTP/2 her-cupid.com/static/DAAA/favicon-16x16.png
IP 54.39.22.228:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash be401ad33728dd542f660a0ddd657a64
49b008b667dc9dd34ecab799199e5d7a1e9b0764
39b75cd90731e0f783ce97be98150f8ca304d2569edb8e95f23783b06fe26b5c
GET /static/DAAA/favicon-16x16.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_XFNkPmNumAI=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJYRk5rUG1OdW1BSSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjo3OSwiZmluaXNoQ2xpY2tzQ291bnQiOjAsImxhbmRpbmdDb25maWciOm51bGwsInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vaGVyLWN1cGlkLmNvbS9Ed0FBLzEwMDY2L290aD9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsInNlYXJjaCI6Ij9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsImNvbnRhY3RFeGlzdHMiOmZhbHNlLCJldmVudCI6ImJkLWRhdGEiLCJkYXRhIjp7ImRhdGEiOnsicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQifSwibGllcyI6eyJOYXZpZ2F0b3IuYXBwQ29kZU5hbWUiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IuYXBwTmFtZSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5hcHBWZXJzaW9uIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLmJ1aWxkSUQiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IuaGFyZHdhcmVDb25jdXJyZW5jeSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5sYW5ndWFnZSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5sYW5ndWFnZXMiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IubWF4VG91Y2hQb2ludHMiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IubWltZVR5cGVzIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLm9zY3B1IjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnBsYXRmb3JtIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiLCJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdLCJOYXZpZ2F0b3IucGx1Z2lucyI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5wcm9kdWN0IjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnByb2R1Y3RTdWIiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3Iuc2VydmljZVdvcmtlciI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci51c2VyQWdlbnQiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IudmVuZG9yIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnZlbmRvclN1YiI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl19LCJlcnJvcnMiOnsiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfX19
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: image/png
content-length: 1129
last-modified: Mon, 20 Jul 2020 07:14:44 GMT
etag: "5f154464-469"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 05bb9af901ca5b651e88fcbe236711f5
18412da7fc2d868fc74bc3e7c44b4add4bbbdef9
9b87e90e4f5356da47fd562f7d06c8fbdef90d011e8c20e5687afbeaf6e7d29b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d84a911b820c140cf4e3da2af665b63c
fbee3b2193231404844c0ecb6e8f72d02d30e997
7f0381e9de205bbe3e0cab3e7e40afced0d58bb25b8df4715d1406c702624d14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1124
Cache-Control: max-age=118740
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Etag: "636dc073-1d7"
Expires: Sun, 13 Nov 2022 03:43:19 GMT
Last-Modified: Fri, 11 Nov 2022 03:24:35 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 43e77312eb1fe87b78c7335565ad91e0
121493fd255c444f54ab21ef95d70a6b071eed11
a3ea328acdc6b1af8e29b8bf2dc16ae587bd7323d930d3c52efd665e510a108b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
216.58.207.237302 Found 412 B URL HTTP/2 accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (387)
Hash d8cde68f69a80ed20ed5341e33308462
4ba11141a61d446fb736b614c8eb13a96b1f5086
049cd91fe3ba3538e7efe6e57ca1dc493a8d0721d67bae38b633bf0abed2bdd0
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Nov 2022 18:44:19 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1257887058%3A1668192259846618&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvOP9qneSHgk8dTcvmCCtlQdxrxmo_iD6oES8U_R-sHpK_z2EN5-GP4JrugTR541jyqFp3-Jg
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-vtkFTC6bMBmybxkOwfaGcw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
set-cookie: __Host-GAPS=1:N6Vg6_x2vr9rixT5GsDssXdUgWgMRQ:hekh1urAsf9TtCgd;Path=/;Expires=Sun, 10-Nov-2024 18:44:19 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 5a4451365cfa514127f5270973dece8e
aabc3785546d5a7c237f88100cd75c5c01b018a3
237f60bfff8bf48686654af7e397fff5250d1d783dd763410765ef2b17b517da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3538
Cache-Control: max-age=93451
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:44:20 GMT
Etag: "636d543d-139"
Expires: Sat, 12 Nov 2022 20:41:51 GMT
Last-Modified: Thu, 10 Nov 2022 19:42:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9503e6cf7c9624f0a7b497a38430401
d4fac489cc05e93127ad0fa338ccb4abcd4f211d
3f237e9ad5936627b2f765dc0c0ef41b3ceed535792e111802825ee4918fa1a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F237E9AD5936627B2F765DC0C0EF41B3CEED535792E111802825EE4918FA1A7"
Last-Modified: Fri, 11 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3237
Expires: Fri, 11 Nov 2022 19:38:17 GMT
Date: Fri, 11 Nov 2022 18:44:20 GMT
Connection: keep-alive
pornhub.com/video/manage?o=mr&t=pr2
66.254.114.41301 Moved Permanently 166 B URL HTTP/2 pornhub.com/video/manage?o=mr&t=pr2
IP 66.254.114.41:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: openresty
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: text/html
content-length: 166
location: https://www.pornhub.com/video/manage?o=mr&t=pr2
x-frame-options: SAMEORIGIN
rating: RTA-5042-1996-1400-1577-RTA
set-cookie: __s=636E9803-42FE722901BB1770-3C5A114; Secure; Samesite=None
__l=636E9803-42FE722901BB1770-3C5A114; Secure; Samesite=None; Max-Age=31556926
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 636E9803-42FE722901BB1770-3C5A114
X-Firefox-Spdy: h2
www.pornhubpremium.com/user/security/1111
66.254.114.33302 Found 0 B URL HTTP/1.1 www.pornhubpremium.com/user/security/1111
IP 66.254.114.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user/security/1111 HTTP/1.1
Host: www.pornhubpremium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
server: openresty
date: Fri, 11 Nov 2022 18:44:20 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sat, 12-Nov-2022 18:44:20 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Fri, 18-Nov-2022 18:44:20 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
bs=j8wwizu0mnwesc6a7j3ew6syxiboafah; expires=Mon, 08-Nov-2032 18:44:20 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None
ss=529130521040469327; expires=Sat, 11-Nov-2023 18:44:20 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1026
location: https://www.pornhubpremium.com/premium/login?redirect=LDv6IZciaRwKtQL-GtLBQJdrvKkYI_2yVXw6DLjf_vnOncctDXm_AOzd9ZxHhgjd
x-frame-options: SAMEORIGIN
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 636E9803-42FE722101BB2130-3C5621B
www.pornhubpremium.com/premium/login?redirect=LDv6IZciaRwKtQL-GtLBQJdrvKkYI_2yVXw6DLjf_vnOncctDXm_AOzd9ZxHhgjd
66.254.114.33200 OK 7.8 kB URL HTTP/1.1 www.pornhubpremium.com/premium/login?redirect=LDv6IZciaRwKtQL-GtLBQJdrvKkYI_2yVXw6DLjf_vnOncctDXm_AOzd9ZxHhgjd
IP 66.254.114.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404)
Hash f2ad7c55041923fff9d2c28518be9d6d
a63c526e07adf98a2f1ed62ff1e35d5adaff2d28
04c85c3f6873b75dde3dd5dcbb1914738605920d5b9adeeb61fcc44decb100cc
GET /premium/login?redirect=LDv6IZciaRwKtQL-GtLBQJdrvKkYI_2yVXw6DLjf_vnOncctDXm_AOzd9ZxHhgjd HTTP/1.1
Host: www.pornhubpremium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bs=j8wwizu0mnwesc6a7j3ew6syxiboafah
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:44:20 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sat, 12-Nov-2022 18:44:20 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Fri, 18-Nov-2022 18:44:20 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
ss=439013732912753681; expires=Sat, 11-Nov-2023 18:44:20 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
fg_0d2ec4cbd943df07ec161982a603817e=52259.100000; expires=Sun, 11-Dec-2022 18:44:20 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure
ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Sun, 11-Dec-2022 18:44:20 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 636E9804-42FE722101BB2130-3C562B1
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5020155724365e24e1f04308c174fd90
e19cdb6560fc01e4acc10044a5875c7f2a382281
79ebe7c808bc477d7277082a4ee49f510b3dfdb120a736aadf5085015ccc3eda
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:44:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 19:48:05 GMT
Expires: Tue, 15 Nov 2022 19:48:04 GMT
Etag: "e19cdb6560fc01e4acc10044a5875c7f2a382281"
Cache-Control: max-age=348823,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76892db938cbfac0-OSL
accounts.google.com/v3/signin/identifier?dsh=S-1257887058%3A1668192259846618&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvOP9qneSHgk8dTcvmCCtlQdxrxmo_iD6oES8U_R-sHpK_z2EN5-GP4JrugTR541jyqFp3-Jg
216.58.207.237403 Forbidden 27 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1257887058%3A1668192259846618&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvOP9qneSHgk8dTcvmCCtlQdxrxmo_iD6oES8U_R-sHpK_z2EN5-GP4JrugTR541jyqFp3-Jg
IP 216.58.207.237:0
Hash bf5336e60101a0aa2f96bf8a8d70987f
4df3771f3c4cded3f0f0e94bbd484b3107d36158
c647879d5be0f8a9f4cac9b8ae6907f9ea28c858833a96f9c12a9c66e7eb302c
GET /v3/signin/identifier?dsh=S-1257887058%3A1668192259846618&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvOP9qneSHgk8dTcvmCCtlQdxrxmo_iD6oES8U_R-sHpK_z2EN5-GP4JrugTR541jyqFp3-Jg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Nov 2022 18:44:19 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-unsreWHUnWO9of8JmaeJmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5530631-4859-4685-8ab3-a5b1013cd2cb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5530631-4859-4685-8ab3-a5b1013cd2cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ae1fe42d639643009ccee5a7ef770fd
d43bb27911013930ed09d9609a71d737e0838556
d5fc8515f49a0b90e083f6a6025c3dc71dba286e15d5b3f841772d60d2e68fb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5530631-4859-4685-8ab3-a5b1013cd2cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11527
x-amzn-requestid: a2a00c3d-12f7-412b-ba02-6bda7aa60586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNfYZHXhIAMFVYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687902-593d2a380bac7a567af893d3;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:18:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: J8-Ix4bZI7Yiu83xhD8WF8T4bdp2kX9s_xgpBLEuufdTtHWx_TKYcw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 04:50:48 GMT
age: 50018
etag: "d43bb27911013930ed09d9609a71d737e0838556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dateexotic.com/agEA?usid=s8hnpa11jhhg&email=Tim.bradley%40slurpmail.net&sub1=clear_main&prid=s8hnpa11jhhg
104.21.34.109200 OK 0 B URL HTTP/2 dateexotic.com/agEA?usid=s8hnpa11jhhg&email=Tim.bradley%40slurpmail.net&sub1=clear_main&prid=s8hnpa11jhhg
IP 104.21.34.109:0
GET /agEA?usid=s8hnpa11jhhg&email=Tim.bradley%40slurpmail.net&sub1=clear_main&prid=s8hnpa11jhhg HTTP/1.1
Host: dateexotic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 11 Nov 2022 18:44:17 GMT
content-type: text/html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRxd50Yqplg48o4JLa8mP7iX8L35i0FxtwME9niJ9N6burI7nB5zisEpS5S4xHht1Jp%2BR%2BQ9Vf3Vvl6wLkh7UwaH8wt12Vmq%2BWavuPNJktkIugDfk239tUXlxeM0XBkF6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76892da6d999b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjam.com/cdn/push.min.js
104.21.58.242200 OK 0 B URL HTTP/2 cdnjam.com/cdn/push.min.js
IP 104.21.58.242:0
GET /cdn/push.min.js HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: application/x-javascript
content-security-policy: block-all-mixed-content
etag: W/"44c9e373bc246e347c8420a2eb8f54d4"
last-modified: Mon, 06 Jun 2022 20:30:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F62D8C82243EE0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 1172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ur1jxgvjyT14ylVe1Ztg5X%2F8jEIlI1i1ySARW361zG%2FAXZOU6CPYpyUTnYU37wmnT2WuOXLEXACPpcEw8sfEzYUIVCpeWsb%2Fv0B2ryNrzNQJmO8FmVhwjFkSWMmN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76892db35fedb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.api-push.com/get-keys
172.64.139.29200 OK 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.139.29:0
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 174
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPB8AN%2FsfqyY6vKDtevTVZeYNC67ZKzNd003Z6bJMLRbYT4lZP3Nd0ACqB7A0i1AnSb8RDOAfn2dHAw4UqCkq1PaEwQ%2BN2lXjTRkU536S5nS3Pl2hex%2Fz5B6PjU55ntvzS17"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76892db4ea4f7443-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
her-cupid.com/user-id?nbl=&impression=XFNkPmNumAI&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDwAA%2F10066%2Foth%3Fi%3DXFNkPmNumAI%26u%3D1069170438571988994&search=%3Fi%3DXFNkPmNumAI%26u%3D1069170438571988994&contactExists=false
54.39.22.228200 OK 0 B URL HTTP/2 her-cupid.com/user-id?nbl=&impression=XFNkPmNumAI&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDwAA%2F10066%2Foth%3Fi%3DXFNkPmNumAI%26u%3D1069170438571988994&search=%3Fi%3DXFNkPmNumAI%26u%3D1069170438571988994&contactExists=false
IP 54.39.22.228:0
GET /user-id?nbl=&impression=XFNkPmNumAI&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDwAA%2F10066%2Foth%3Fi%3DXFNkPmNumAI%26u%3D1069170438571988994&search=%3Fi%3DXFNkPmNumAI%26u%3D1069170438571988994&contactExists=false HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: slappInfo64_XFNkPmNumAI=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJYRk5rUG1OdW1BSSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjo3OSwiZmluaXNoQ2xpY2tzQ291bnQiOjAsImxhbmRpbmdDb25maWciOm51bGwsInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vaGVyLWN1cGlkLmNvbS9Ed0FBLzEwMDY2L290aD9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsInNlYXJjaCI6Ij9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsImNvbnRhY3RFeGlzdHMiOmZhbHNlLCJldmVudCI6ImJkLWRhdGEiLCJkYXRhIjp7ImRhdGEiOnsicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQifSwibGllcyI6eyJOYXZpZ2F0b3IuYXBwQ29kZU5hbWUiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IuYXBwTmFtZSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5hcHBWZXJzaW9uIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLmJ1aWxkSUQiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IuaGFyZHdhcmVDb25jdXJyZW5jeSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5sYW5ndWFnZSI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5sYW5ndWFnZXMiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IubWF4VG91Y2hQb2ludHMiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IubWltZVR5cGVzIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLm9zY3B1IjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnBsYXRmb3JtIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiLCJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdLCJOYXZpZ2F0b3IucGx1Z2lucyI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5wcm9kdWN0IjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnByb2R1Y3RTdWIiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3Iuc2VydmljZVdvcmtlciI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci51c2VyQWdlbnQiOlsiZmFpbGVkIHRvU3RyaW5nIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IudmVuZG9yIjpbImZhaWxlZCB0b1N0cmluZyIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnZlbmRvclN1YiI6WyJmYWlsZWQgdG9TdHJpbmciLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl19LCJlcnJvcnMiOnsiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfX19
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:19 GMT
content-type: application/json; charset=UTF-8
set-cookie: userid=9296a83647fe1a38064557eb628a60ab2ed92f20258421c6efc666d149ef143da%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A685802283775%3B%7D; expires=Sun, 12-Nov-2023 15:00:59 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.pornhub.com/video/manage?o=mr&t=pr2
66.254.114.41302 Found 0 B URL HTTP/2 www.pornhub.com/video/manage?o=mr&t=pr2
IP 66.254.114.41:0
GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 11 Nov 2022 18:44:20 GMT
content-type: text/html; charset=UTF-8
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sat, 12-Nov-2022 18:44:20 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure
platform=pc; expires=Fri, 18-Nov-2022 18:44:20 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
bs=oqh071voqohr61mpihs8hscm9yjb2ozc; expires=Mon, 08-Nov-2032 18:44:20 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None
ss=147653568992822306; expires=Sat, 11-Nov-2023 18:44:20 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=92041.100000; expires=Sun, 11-Dec-2022 18:44:20 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=636E9804-42FE722901BB1770-3C5A187; Secure; Samesite=None
__l=636E9804-42FE722901BB1770-3C5A187; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1041
location: /login
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 636E9804-42FE722901BB1770-3C5A187
X-Firefox-Spdy: h2
her-cupid.com/stats
54.39.22.228200 OK 0 B IP 54.39.22.228:0
Analyzer Verdict Alert fortinet Phishing
POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 319
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_XFNkPmNumAI=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJYRk5rUG1OdW1BSSIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjo3OSwiZmluaXNoQ2xpY2tzQ291bnQiOjAsImxhbmRpbmdDb25maWciOm51bGwsInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vaGVyLWN1cGlkLmNvbS9Ed0FBLzEwMDY2L290aD9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsInNlYXJjaCI6Ij9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsImNvbnRhY3RFeGlzdHMiOmZhbHNlLCJldmVudCI6ImV4dHNlcyIsImRhdGEiOnsicGgiOiJmYWxzZSJ9LCJsdWlkIjo2ODU4MDIyODM3NzV9; userid=9296a83647fe1a38064557eb628a60ab2ed92f20258421c6efc666d149ef143da%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A685802283775%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
her-cupid.com/stats
54.39.22.228200 OK 0 B IP 54.39.22.228:0
Analyzer Verdict Alert fortinet Phishing
POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 582
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_XFNkPmNumAI=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJYRk5rUG1OdW1BSSIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjo3OSwiZmluaXNoQ2xpY2tzQ291bnQiOjAsImxhbmRpbmdDb25maWciOnsidHJhZmZpY1dpdGhFbWFpbENhc2NhZGVJZCI6dHJ1ZSwicmVhbFVzZXJzQ2FzY2FkZUlkIjp0cnVlLCJtYWluQ2FzY2FkZSI6dHJ1ZSwiYmFja0Nhc2NhZGUiOnRydWUsInNlY29uZENsaWNrQ2FzY2FkZSI6dHJ1ZSwicG9wc0Nhc2NhZGUiOmZhbHNlLCJwb3BzQ291bnQiOjF9LCJzaG93ZWRQb3BzIjowLCJ1cmkiOiJodHRwczovL2hlci1jdXBpZC5jb20vRHdBQS8xMDA2Ni9vdGg/aT1YRk5rUG1OdW1BSSZ1PTEwNjkxNzA0Mzg1NzE5ODg5OTQiLCJzZWFyY2giOiI/aT1YRk5rUG1OdW1BSSZ1PTEwNjkxNzA0Mzg1NzE5ODg5OTQiLCJjb250YWN0RXhpc3RzIjpmYWxzZSwiZXZlbnQiOiJleHRzZXMiLCJkYXRhIjp7Inh2aWQiOiJmYWxzZSJ9LCJsdWlkIjo2ODU4MDIyODM3NzV9; userid=9296a83647fe1a38064557eb628a60ab2ed92f20258421c6efc666d149ef143da%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A685802283775%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
her-cupid.com/stats
54.39.22.228200 OK 0 B IP 54.39.22.228:0
Analyzer Verdict Alert fortinet Phishing
POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 320
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_XFNkPmNumAI=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJYRk5rUG1OdW1BSSIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjo3OSwiZmluaXNoQ2xpY2tzQ291bnQiOjAsImxhbmRpbmdDb25maWciOm51bGwsInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vaGVyLWN1cGlkLmNvbS9Ed0FBLzEwMDY2L290aD9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsInNlYXJjaCI6Ij9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsImNvbnRhY3RFeGlzdHMiOmZhbHNlLCJldmVudCI6ImV4dHNlcyIsImRhdGEiOnsicGhwIjoiZmFsc2UifSwibHVpZCI6Njg1ODAyMjgzNzc1fQ==; userid=9296a83647fe1a38064557eb628a60ab2ed92f20258421c6efc666d149ef143da%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A685802283775%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
her-cupid.com/stats
54.39.22.228200 OK 0 B IP 54.39.22.228:0
Analyzer Verdict Alert fortinet Phishing
POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 366
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_XFNkPmNumAI=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJYRk5rUG1OdW1BSSIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjo3OSwiZmluaXNoQ2xpY2tzQ291bnQiOjAsImxhbmRpbmdDb25maWciOm51bGwsInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vaGVyLWN1cGlkLmNvbS9Ed0FBLzEwMDY2L290aD9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsInNlYXJjaCI6Ij9pPVhGTmtQbU51bUFJJnU9MTA2OTE3MDQzODU3MTk4ODk5NCIsImNvbnRhY3RFeGlzdHMiOmZhbHNlLCJldmVudCI6ImxvYWQiLCJkYXRhIjp7InJlc3BvbnNlU3RhcnQiOjE1ODksImRvbUludGVyYWN0aXZlIjoxODg4LCJkb21Db21wbGV0ZSI6MjYwMH19
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 11 Nov 2022 18:44:20 GMT
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2