Report - w57hzx72aytest3.fortteslapor.tk/TSKtBH6B?keyword=stemplin@slurpmail.net&sub1=clear2&sub3=nifty.com

Report Overview

Submitted URL
w57hzx72aytest3.fortteslapor.tk/TSKtBH6B?keyword=stemplin@slurpmail.net&sub1=clear2&sub3=nifty.com
IP
146.190.75.35
ASN
#0
Submitted
2023-01-15 08:12:53
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
dateexotic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	532 B	581 B	172.67.159.164
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	5.9 kB	35.241.9.150
w57hzx72aytest3.fortteslapor.tk	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	938 B	146.190.75.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.165.237.81
alexatracker.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.2 kB	104.21.85.99
her-cupid.com	698724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.1 kB	1.2 MB	54.39.22.228
o65532.ingest.sentry.io	747982	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	577 B	469 B	34.120.195.249
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.4 kB	93.184.220.29
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	32 kB	142.250.74.106
cdnjam.com	204001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	326 B	12 kB	172.67.166.71
www.xvideos.com	11464	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	32 kB	185.88.181.9
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.33.119.27
js.sentry-cdn.com	5259	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	1.7 kB	151.101.2.217
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	1.8 kB	142.250.74.106
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76
browser.sentry-cdn.com	4393	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	21 kB	151.101.2.217
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.33.119.27
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	487 B	32 kB	142.250.74.35
app.api-push.com	307671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	859 B	1.6 kB	172.64.162.28
pornhub.com	4903	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	335 B	824 B	66.254.114.41
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68
www.pornhubpremium.com	142013	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	796 B	10 kB	66.254.114.33
www.pornhub.com	10781	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	353 B	1.3 kB	66.254.114.41

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-15 08:12:42	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-01-15 08:12:42	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-01-15 08:12:43	medium	Client IP	146.190.75.35	ET POLICY HTTP Request to a *.tk domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-15	medium	her-cupid.com/stats	Phishing
2023-01-15	medium	her-cupid.com/stats	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	her-cupid.com/DwAA/10066/oth?i=NMZPnGPDtXw&u=3775522047246185852	94 B	2023-03-08	2023-03-13
Pretty URL her-cupid.com/DwAA/10066/oth?i=NMZPnGPDtXw&u=3775522047246185852 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-03-13 06:54:02 Times Seen1 Hash abd83097ff968509c2d13a68695d83d2 46bf322c6a7a8b3f2310176d14d94e76c97c366c 954970561be7c748848a5268a58ea2d6a2a3f319a1ebd3b3f1df6f4d640e4af6 Loading...

	her-cupid.com/DwAA/10066/oth?i=NMZPnGPDtXw&u=3775522047246185852	20 kB	2023-03-09	2023-03-13
Pretty URL her-cupid.com/DwAA/10066/oth?i=NMZPnGPDtXw&u=3775522047246185852 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:33:32 Last Seen2023-03-13 02:11:38 Times Seen1 Hash 41e4e656bbcb1a90b335366e22be0372 97588c48d0a43740517f11c3fb9d758203153d35 ff049bb08f3bbbe6454c5657c7e70bcb53b17dd28872660e8944663696709a7c Loading...

	pornhub.com/video/manage?o=mr&t=pr2	282 kB	2023-03-13	2023-03-13
Pretty URL pornhub.com/video/manage?o=mr&t=pr2 IP 66.254.114.41 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:01:30 Last Seen2023-03-13 00:01:30 Times Seen1 Hash 40f93252b6a4345de7d32922760cddc8 81e2aa5327dfe5bb36406fe9a7ac25886b981a4f 11481db42c29914b2e79b2a9129804a61b1960380dca077635e21defa47b5703 Loading...

	dateexotic.com/static/js/build/bd.js	9.6 kB	2023-03-08	2024-02-28
Pretty URL dateexotic.com/static/js/build/bd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2024-02-28 12:28:08 Times Seen126 Hash f6069a3618aaf83f49bc275cefdabc62 941b46212809c234480798ed57cef569ab4316f3 56f971147c45eee57e6c99f09f4cd65f7a1a47a87b9be4814708de41decb0cd5 Loading...

	dateexotic.com/agEA?usid=s8hnpa1a7i76&email=stemplin%40slurpmail.net&sub1=clear2_main&prid=s8hnpa1a7i76	522 B	2023-03-08	2023-03-13
Pretty URL dateexotic.com/agEA?usid=s8hnpa1a7i76&email=stemplin%40slurpmail.net&sub1=clear2_main&prid=s8hnpa1a7i76 IP 172.67.159.164 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-03-13 02:11:38 Times Seen1 Hash fb67996fc9e5dfeb461edb47f6c08026 5a1d96bbf8a04ff725cfdc3dce298183a4736684 29838d2d65b29af9d0645f1913b789e92fecf1dcc260094bbcf2469aa6171e9b Loading...

	cdnjam.com/cdn/push.min.js	36 kB	2023-03-07	2024-04-19
Pretty URL cdnjam.com/cdn/push.min.js IP 172.67.166.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:20 Last Seen2024-04-19 15:59:32 Times Seen140 Hash 44c9e373bc246e347c8420a2eb8f54d4 5eb6010833c0c873766407c7a51ea5eafe69dbdf 2dac93602a4e47e156b8b54455dfdcd7a7a4901ab33f2a0c2c416a395e1ebda5 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 08:22:33 Times Seen139358 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js	1.9 kB	2023-03-12	2023-03-13
Pretty URL js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js IP 151.101.2.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:09:04 Last Seen2023-03-13 00:20:16 Times Seen1 Hash a5c2f005244ec63ac8993a9cde4d542b d76d82a285b59d2b610ddcac1c5870cf2a64c916 20f473caedf40412da40a9ae0526b9e18125d04e9393c54e309424d8e1ec170c Loading...

	her-cupid.com/DwAA/10066/oth?i=NMZPnGPDtXw&u=3775522047246185852	541 B	2023-03-08	2023-05-21
Pretty URL her-cupid.com/DwAA/10066/oth?i=NMZPnGPDtXw&u=3775522047246185852 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-05-21 20:14:57 Times Seen64 Hash 7fbdaafa595648042e44880998db47d6 c0908c1f668700c134efbef4e5b80cbd84d08d55 cd69bfc221f9a450b2e461c17360c700c0a8efa0235a6cef616ce0c200a3b546 Loading...

	browser.sentry-cdn.com/7.30.0/bundle.es5.min.js	63 kB	2023-03-12	2023-03-13
Pretty URL browser.sentry-cdn.com/7.30.0/bundle.es5.min.js IP 151.101.2.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:09:04 Last Seen2023-03-13 00:20:16 Times Seen1 Hash 7ff4b0e63c627b62cc3366b9093947ac 465f00b3609f922e27e195c047fae5db2f383f45 72237e2e1a298a647541dbe788aea220314256d3ad708643dde0be97736e16f6 Loading...

	www.pornhubpremium.com/user/security/1111	25 kB	2023-03-13	2023-03-13
Pretty URL www.pornhubpremium.com/user/security/1111 IP 66.254.114.33 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:01:30 Last Seen2023-03-13 00:01:30 Times Seen1 Hash 026654d28cdc28a6fbeb0513a6c0701d c065d615e491fbf40d263af9fc9aa8b45df10380 d6ff353ca653e9f61722231dbb02ccda9829d1f8e4c8ab0001a12174c6dd7afd Loading...

HTTP Transactions (61)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5247
Expires: Sun, 15 Jan 2023 09:40:09 GMT
Date: Sun, 15 Jan 2023 08:12:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8208
Expires: Sun, 15 Jan 2023 10:29:30 GMT
Date: Sun, 15 Jan 2023 08:12:42 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 07:42:06 GMT
content-type: application/json
age: 1836
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8277
Expires: Sun, 15 Jan 2023 10:30:39 GMT
Date: Sun, 15 Jan 2023 08:12:42 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: weAJLd2zCdcWLxW1wXXxxu7HrC4IoGYLuZaufjg8JNFE45K7zAD47x5eRrqpOn37jy7MU6NeUt4=
x-amz-request-id: 5102SC0DPG3RK1WG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 07:44:04 GMT
age: 1718
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

w57hzx72aytest3.fortteslapor.tk/TSKtBH6B?keyword=stemplin@slurpmail.net&sub1=clear2&sub3=nifty.com

146.190.75.35

302 Found

0 B

URL HTTP/1.1
w57hzx72aytest3.fortteslapor.tk/TSKtBH6B?keyword=stemplin@slurpmail.net&sub1=clear2&sub3=nifty.com
IP
146.190.75.35:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to a *.tk domain

HTTP Headers

GET /TSKtBH6B?keyword=stemplin@slurpmail.net&sub1=clear2&sub3=nifty.com HTTP/1.1
Host: w57hzx72aytest3.fortteslapor.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Sun, 15 Jan 2023 08:12:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://dateexotic.com/agEA?usid=s8hnpa1a7i76&email=stemplin%40slurpmail.net&sub1=clear2_main&prid=s8hnpa1a7i76
Pragma: no-cache
Set-Cookie: _subid=s8hnpa1a7i76;Expires=Wednesday, 15-Feb-2023 08:12:42 GMT;Max-Age=2678400;Path=/
b15e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjk4XCI6MTY3Mzc3MDM2Mn0sXCJjYW1wYWlnbnNcIjp7XCIzM1wiOjE2NzM3NzAzNjJ9LFwidGltZVwiOjE2NzM3NzAzNjJ9In0.MPi3yMHBZbgdNItDtZi_EKQ7bbTERBRLiO4uo9n81pI;Expires=Thursday, 30-Jan-2076 16:25:24 GMT;Max-Age=1673856762;Path=/
_token=uuid_s8hnpa1a7i76_s8hnpa1a7i7663c3b57ab88ed5.23723255;Expires=Wednesday, 15-Feb-2023 08:12:42 GMT;Max-Age=2678400;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 08:12:42 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e268c9a1793d39ae0dc57f109acad455
29089b385df3db707432c8f1b90e76f52deec26c
8499aae169577c7f556084054353037607ec9a69e0fc2797e399396d38953678

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8499AAE169577C7F556084054353037607EC9A69E0FC2797E399396D38953678"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Sun, 15 Jan 2023 14:11:51 GMT
Date: Sun, 15 Jan 2023 08:12:43 GMT
Connection: keep-alive

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e268c9a1793d39ae0dc57f109acad455
29089b385df3db707432c8f1b90e76f52deec26c
8499aae169577c7f556084054353037607ec9a69e0fc2797e399396d38953678

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8499AAE169577C7F556084054353037607EC9A69E0FC2797E399396D38953678"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Sun, 15 Jan 2023 14:11:51 GMT
Date: Sun, 15 Jan 2023 08:12:43 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

3.9 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
data
Size
3.9 kB (3858 bytes)
Hash
ef9e7f2c86744414a454f25f359cbe6e
ea89ffb48accfba89a006f6c1a7b865d7de0c98a
3ae0c4d4e0e3968f4916e8f6ecec875d6f302dddd2c41ca9873e757674084c84

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 07:17:25 GMT
age: 3318
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1690
Cache-Control: max-age=91334
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 08:12:43 GMT
Etag: "63c270a7-1d7"
Expires: Mon, 16 Jan 2023 09:34:57 GMT
Last-Modified: Sat, 14 Jan 2023 09:06:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.165.237.81

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.237.81:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ETa6sQMw4/O1k6SNiDqMFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fy77Ewrr0EFnul1avQsx9Rj0nso=

alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1zOGhucGExYTdpNzYmZW1haWw9c3RlbXBsaW4lNDBzbHVycG1haWwubmV0JnN1YjE9Y2xlYXIyX21haW4mcHJpZD1zOGhucGExYTdpNzYmYmRhdGE9ZXlKa1lYUmhJanA3SW5Cc1lYUm1iM0p0SWpvaVRHbHVkWGdnZURnMlh6WTBJbjBzSW1WNGRISmhJanA3SWs1aGRtbG5ZWFJ2Y2k1d2JHRjBabTl5YlNJNld5Sk1hVzUxZUNCd2JHRjBabTl5YlNCaGJtUWdWMmx1Wkc5M2N5QjFjMlZ5SUdGblpXNTBJR1J2SUc1dmRDQnRZWFJqYUNKZGZTd2laWEp5YjNKeklqcDdJbWxtY21GdFpTSTZXeUpqWVc0bmRDQmhZMk5sYzNNZ2NISnZjR1Z5ZEhrZ1hDSmhjSEJsYm1SRGFHbHNaRndpTENCa2IyTjFiV1Z1ZEM1aWIyUjVJR2x6SUc1MWJHd2lYU3dpWTJGdWRtRnpYMk52Ym5SbGVIUWlPbHNpUm1GcGJHVmtJSFJ2SUdkbGRDQmpZVzUyWVhNZ1kyOXVkR1Y0ZENKZGZTd2lZbTkwVTJOdmNtVWlPaUl5TkNKOQ%3D%3D&h=d1b86c27b68cf5a7203124126e9b50c5

104.21.85.99

301 Moved Permanently

0 B

URL HTTP/2
alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1zOGhucGExYTdpNzYmZW1haWw9c3RlbXBsaW4lNDBzbHVycG1haWwubmV0JnN1YjE9Y2xlYXIyX21haW4mcHJpZD1zOGhucGExYTdpNzYmYmRhdGE9ZXlKa1lYUmhJanA3SW5Cc1lYUm1iM0p0SWpvaVRHbHVkWGdnZURnMlh6WTBJbjBzSW1WNGRISmhJanA3SWs1aGRtbG5ZWFJ2Y2k1d2JHRjBabTl5YlNJNld5Sk1hVzUxZUNCd2JHRjBabTl5YlNCaGJtUWdWMmx1Wkc5M2N5QjFjMlZ5SUdGblpXNTBJR1J2SUc1dmRDQnRZWFJqYUNKZGZTd2laWEp5YjNKeklqcDdJbWxtY21GdFpTSTZXeUpqWVc0bmRDQmhZMk5sYzNNZ2NISnZjR1Z5ZEhrZ1hDSmhjSEJsYm1SRGFHbHNaRndpTENCa2IyTjFiV1Z1ZEM1aWIyUjVJR2x6SUc1MWJHd2lYU3dpWTJGdWRtRnpYMk52Ym5SbGVIUWlPbHNpUm1GcGJHVmtJSFJ2SUdkbGRDQmpZVzUyWVhNZ1kyOXVkR1Y0ZENKZGZTd2lZbTkwVTJOdmNtVWlPaUl5TkNKOQ%3D%3D&h=d1b86c27b68cf5a7203124126e9b50c5
IP
104.21.85.99:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1zOGhucGExYTdpNzYmZW1haWw9c3RlbXBsaW4lNDBzbHVycG1haWwubmV0JnN1YjE9Y2xlYXIyX21haW4mcHJpZD1zOGhucGExYTdpNzYmYmRhdGE9ZXlKa1lYUmhJanA3SW5Cc1lYUm1iM0p0SWpvaVRHbHVkWGdnZURnMlh6WTBJbjBzSW1WNGRISmhJanA3SWs1aGRtbG5ZWFJ2Y2k1d2JHRjBabTl5YlNJNld5Sk1hVzUxZUNCd2JHRjBabTl5YlNCaGJtUWdWMmx1Wkc5M2N5QjFjMlZ5SUdGblpXNTBJR1J2SUc1dmRDQnRZWFJqYUNKZGZTd2laWEp5YjNKeklqcDdJbWxtY21GdFpTSTZXeUpqWVc0bmRDQmhZMk5sYzNNZ2NISnZjR1Z5ZEhrZ1hDSmhjSEJsYm1SRGFHbHNaRndpTENCa2IyTjFiV1Z1ZEM1aWIyUjVJR2x6SUc1MWJHd2lYU3dpWTJGdWRtRnpYMk52Ym5SbGVIUWlPbHNpUm1GcGJHVmtJSFJ2SUdkbGRDQmpZVzUyWVhNZ1kyOXVkR1Y0ZENKZGZTd2lZbTkwVTJOdmNtVWlPaUl5TkNKOQ%3D%3D&h=d1b86c27b68cf5a7203124126e9b50c5 HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dateexotic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Sun, 15 Jan 2023 08:12:44 GMT
content-length: 0
location: https://www2.dateexotic.com/agEA?usid=s8hnpa1a7i76&email=stemplin%40slurpmail.net&sub1=clear2_main&prid=s8hnpa1a7i76&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=3775522047246185852&c=1069117505
set-cookie: trbarid=3775522047246185852;expires=Tue, 14 Jan 2025 08:12:44 GMT;secure;HttpOnly;SameSite=None;path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uzRWvEwJPfIlDOiH74mU7fICya0rUkxUpdcqlRH%2BynVAas5LtZR9YftUGkP5LYywp%2FTAPzlYIisQOIebjwesiybTKnjEbplzo30%2Bg4ZWvGSdexrjtCdprDOpkaWlvTc7z9r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 789d25e70d5db515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
25cef7a0cc433f76144420ba1df8ae7c
d613ef050f7aef8c1601d0e4ff6a85a0a875153d
cfa0216cc5a61c0ab61cccc7dc96dbe594dcb53edf73e5e9be56ece7679a08d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFA0216CC5A61C0AB61CCCC7DC96DBE594DCB53EDF73E5E9BE56ECE7679A08D3"
Last-Modified: Fri, 13 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16737
Expires: Sun, 15 Jan 2023 12:51:41 GMT
Date: Sun, 15 Jan 2023 08:12:44 GMT
Connection: keep-alive

js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js

151.101.2.217

200 OK

1.0 kB

URL HTTP/2
js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js
IP
151.101.2.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (512)
Size
1.0 kB (1020 bytes)
Hash
ec868f2b7f5e4f747e260e0648c3e2bc
9d5b3d3e3d93b253ad7c11b9ae953941b75651e3
a3059fcd6db4a9ac6a3d92e2806d55c5294b44615d0ff238e40c6f512bfcf532

HTTP Headers

GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1
Host: js.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 12
content-encoding: gzip
accept-ranges: bytes
date: Sun, 15 Jan 2023 08:12:45 GMT
age: 60
x-served-by: getsentry-web-default-common-production-69567dd7b9-mv7rh, cache-bma1672-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1020
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 08:12:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 08:12:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 06:59:13 GMT
expires: Fri, 12 Jan 2024 06:59:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 263612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:100,400,700,900

142.250.74.106

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:100,400,700,900
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1078 bytes)
Hash
095348e5353a5dbd38eab53621c1cf4a
0d6f6db246dc7830e5a5962da5ad5edcb0dfdf8e
0a182b04f4a4c4ed3c66142941f66c25ddcacc82a9c0eeed1343bfc7ee51ca49

HTTP Headers

GET /css?family=Montserrat:100,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 08:12:45 GMT
date: Sun, 15 Jan 2023 08:12:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

her-cupid.com/static/DAAA/css/bootstrap-reboot.min.css

54.39.22.228

200 OK

3.9 kB

URL HTTP/2
her-cupid.com/static/DAAA/css/bootstrap-reboot.min.css
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (3498)
Size
3.9 kB (3879 bytes)
Hash
522e4ec96bebf2d79e37786091541e21
0ba39cdcbb5c7006f2009e60c766e10e9691b734
c585678985d406d5531388daf8ac073098eefe71aa98b08e271a0a1a19e4b295

HTTP Headers

GET /static/DAAA/css/bootstrap-reboot.min.css HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: text/css
content-length: 3879
last-modified: Mon, 20 Jul 2020 11:08:38 GMT
etag: "5f157b36-f27"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12421
Expires: Sun, 15 Jan 2023 11:39:46 GMT
Date: Sun, 15 Jan 2023 08:12:45 GMT
Connection: keep-alive

her-cupid.com/static/DAAA/css/styles.css

54.39.22.228

200 OK

6.2 kB

URL HTTP/2
her-cupid.com/static/DAAA/css/styles.css
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
6.2 kB (6183 bytes)
Hash
dd208b4696de6516cf66b2a6d94d75d6
d6e6ef2262d7ca5328bcb0a5714cbc6b1643f170
2c074c798b73baa4b93795d65dc714fb8d9a507ef9c971a4e1b2495ae31a54fa

HTTP Headers

GET /static/DAAA/css/styles.css HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: text/css
content-length: 6183
last-modified: Tue, 21 Jul 2020 09:17:46 GMT
etag: "5f16b2ba-1827"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjam.com/cdn/push.min.js

172.67.166.71

200 OK

12 kB

URL HTTP/2
cdnjam.com/cdn/push.min.js
IP
172.67.166.71:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (36273)
Size
12 kB (11527 bytes)
Hash
e6b9a7d6fccc41b0e31deccc4e22ddae
166cadc622f57d1d9c84315b0e35d819456c1e09
ed8dab4eb383d4731fa52bbd9e6e03eeee7f1e5d83f2d8b5a19cca47de61ec8d

HTTP Headers

GET /cdn/push.min.js HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: application/x-javascript
content-security-policy: block-all-mixed-content
etag: W/"44c9e373bc246e347c8420a2eb8f54d4"
last-modified: Mon, 06 Jun 2022 20:30:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F62D8C82243EE0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 1943
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vulnBzH95vEieZndgx4PSCen%2FX5Jqa9ACmmO%2FoeIjL%2B9EvxclhPKz%2FY2F7rMyc1deR%2F1CDNqXbsLtm0ZdEG8kRmuud8WuUTRWUqUNeHylIgi9%2FtIkCTJK5Plcigh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789d25edcd01b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12421
Expires: Sun, 15 Jan 2023 11:39:46 GMT
Date: Sun, 15 Jan 2023 08:12:45 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cf5b0eb-b905-43ce-8a28-48297c75e980.jpeg

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cf5b0eb-b905-43ce-8a28-48297c75e980.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.8 kB (3777 bytes)
Hash
4a1c6332b225de08d58bb9cb44f09917
c0d28fb2b2fd6d55cb4c0831a3a08b95b3f7455c
4716dff7ee5c34d5e4ab214571a03b60026d7a69b25cb838f8b6a1fb01f44f02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cf5b0eb-b905-43ce-8a28-48297c75e980.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3777
x-amzn-requestid: aee3b367-d5d1-46da-9aa3-89a6c8d4cab1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ertWFHw8oAMF76A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c15c26-2b00da01705c5717434ac1d3;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 13:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lajUfG_N7T3COcN8a94Oa8CRpKnVF4iPRI8ok9sy1hZLFM8EMwScTw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 08:55:03 GMT
age: 83862
etag: "c0d28fb2b2fd6d55cb4c0831a3a08b95b3f7455c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6658 bytes)
Hash
3c8e4b9f12af5bbc6b743aeae4dfc55a
97f874ba034be152dfecd90e4996c928aa268950
bfc0ef4f4d13b729a3a38efbb04d2c58e6b05bbc2bd3492611c0fc26457d1dec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6658
x-amzn-requestid: 4a356eaa-4717-410c-af86-5d3770f0cf7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniyVExqoAMFWkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb1a8-05a4e869449e4d730a5dd438;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:07:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kXpAcGM2UzmXWcbf7AJhy_J3Ssq-vWbcHErGAme2fThP9xa72SOPpA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 09:13:30 GMT
age: 82755
etag: "97f874ba034be152dfecd90e4996c928aa268950"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9801 bytes)
Hash
74ac30be02dee9dcfeee79a7dc54edff
1368d81de22ea2e4054a3e1a8f01ef337c63e35b
8abc2f276906dfb9ce75c2526d2c2cfa6aea6dbe13f4046de1040cd611cbbc1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9801
x-amzn-requestid: 39d84a20-55f7-4b7c-abc4-9ac1ff100da9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqSkoGCZoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0caea-4f7a1cf676335cc83018dc51;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 03:07:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUFicgD94yxyZhMtQm-aYS-QpZXn07rLRBhnBLMTIQh6qHKOX_LRFg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 05:32:33 GMT
age: 9612
etag: "1368d81de22ea2e4054a3e1a8f01ef337c63e35b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.30.0/bundle.es5.min.js

151.101.2.217

200 OK

21 kB

URL HTTP/2
browser.sentry-cdn.com/7.30.0/bundle.es5.min.js
IP
151.101.2.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (63261)
Size
21 kB (20570 bytes)
Hash
12321847b8b735c41ac059b726be7544
a9442a3e545929cc0b67d5562e8b4e1c369dd749
bce724cfc5b2a788074dd70071b6354838944c24a836e2ee9f5e82e8b05c0300

HTTP Headers

GET /7.30.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 11 Jan 2024 10:40:18 GMT
last-modified: Tue, 10 Jan 2023 13:13:23 GMT
etag: "12321847b8b735c41ac059b726be7544"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Sun, 15 Jan 2023 08:12:45 GMT
age: 336747
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20570
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4981 bytes)
Hash
5c609c89120eef87bbdd0d8ee5ee18f9
be8e369be0ccc707b904546798aacc9afe413cfa
feaa9f41b45aaa71d87008fe3112bc09e41cf6c2c500b4bc1adc125c7c82eee1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4981
x-amzn-requestid: b6c3a2c1-b88e-4eb9-9c22-788748559fea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewISXEQ9oAMFbkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c320db-0a9f9ac1084e4f02006598cf;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a8kL20Yet_IuO2ZztlKmenTGOFa4BCYHi2B-4B1W1eq5-tCqGK3isg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:38:35 GMT
etag: "be8e369be0ccc707b904546798aacc9afe413cfa"
content-type: image/jpeg
age: 38050
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927ee28f-9aec-4d89-8259-12f92fbf3721.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9617 bytes)
Hash
77932ead94678aa07bcdd5be1f650874
587748be0e1b6af22161f57c5fb2565d95765b72
c3a75f6aee8677c4c583813c04c1acbc3c8737b18497c744a95ac70b964dbcb5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927ee28f-9aec-4d89-8259-12f92fbf3721.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9617
x-amzn-requestid: 9c8e3832-3900-4b51-aa9c-79cb6a2e5548
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emxYqGJboAMF2GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf629d-0030cadd5e1ea7bb43600827;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 01:30:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X8PX2Zmq1om0jyeet6Pot2rYCV2PIZaIJN2N4ejlxQ7pHjigw94n4Q==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:53:33 GMT
age: 37152
etag: "587748be0e1b6af22161f57c5fb2565d95765b72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9539 bytes)
Hash
a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 33735807-3403-41ee-a488-a3f25f9b12d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewX9XFvoIAMFzMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c339ee-65def8747314ecb63b000a4c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:25:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: D6FaDcaWbJehldBR7ASM60ey56hQS1H4ZpLlGqI-ptDupfJT-iugfw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 05:58:31 GMT
age: 8054
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 08:12:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 08:12:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 08:12:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 07:08:09 GMT
expires: Sat, 13 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 176676
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5777efce2c244bc8210687531bf8707e
d01bad8046587522f5d014a7f7bc20a90582abe7
e7db89e9a6c9976041afd3f72592ad9c140684113b177cbeef0c6e25ee6648a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7DB89E9A6C9976041AFD3F72592AD9C140684113B177CBEEF0C6E25EE6648A9"
Last-Modified: Sat, 14 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2738
Expires: Sun, 15 Jan 2023 08:58:23 GMT
Date: Sun, 15 Jan 2023 08:12:45 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 08:12:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.api-push.com/get-keys

172.64.162.28

204 No Content

0 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 15 Jan 2023 08:12:45 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZSmQCT9OLMTqDz7p8Y9xkcah2wNxe7ip7GqZgRmhF1CBpq5WGSQAWYKJEl1R4NSljvO%2Fc4D5UKPxjRvYVVWY%2BxVGABCAkG6SbyLFGedKHp7DLUG%2BprreATAkS18FerDLU%2Fa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789d25eeeaad72ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.30.0

34.120.195.249

200 OK

2 B

URL HTTP/2
o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.30.0
IP
34.120.195.249:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.30.0 HTTP/1.1
Host: o65532.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://her-cupid.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://her-cupid.com
Content-Length: 426
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://her-cupid.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5777efce2c244bc8210687531bf8707e
d01bad8046587522f5d014a7f7bc20a90582abe7
e7db89e9a6c9976041afd3f72592ad9c140684113b177cbeef0c6e25ee6648a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7DB89E9A6C9976041AFD3F72592AD9C140684113B177CBEEF0C6E25EE6648A9"
Last-Modified: Sat, 14 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2738
Expires: Sun, 15 Jan 2023 08:58:23 GMT
Date: Sun, 15 Jan 2023 08:12:45 GMT
Connection: keep-alive

her-cupid.com/static/DAAA/img/set-1/small/img-5.jpg

54.39.22.228

200 OK

6.2 kB

URL HTTP/2
her-cupid.com/static/DAAA/img/set-1/small/img-5.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x120, components 3\012- data
Size
6.2 kB (6194 bytes)
Hash
89549bd65753a0f0e1b09e6bf90ed0d5
44ae3f09c9696ff83ab4ce4ca9bd3eaf2d62ab98
1fcb6c12912382944541fb9eabdf46801c8459356b5c956ce05feea3de030f4f

HTTP Headers

GET /static/DAAA/img/set-1/small/img-5.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: image/jpeg
content-length: 6194
last-modified: Mon, 20 Jul 2020 14:22:14 GMT
etag: "5f15a896-1832"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/DAAA/img/set-1/img-3.jpg

54.39.22.228

200 OK

164 kB

URL HTTP/2
her-cupid.com/static/DAAA/img/set-1/img-3.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 774x1360, components 3\012- data
Size
164 kB (163898 bytes)
Hash
08842d2eee4073d51613355da2bee5d1
35f245c4de4a835b15608ffdc5417843548d6bd8
9cf7c14a1f169236d006a52c39a33cfe0c3f0a871bdf0e53049dece989188ddc

HTTP Headers

GET /static/DAAA/img/set-1/img-3.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: image/jpeg
content-length: 163898
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-2803a"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/DAAA/img/set-1/img-4.jpg

54.39.22.228

200 OK

150 kB

URL HTTP/2
her-cupid.com/static/DAAA/img/set-1/img-4.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 769x1350, components 3\012- data
Size
150 kB (149540 bytes)
Hash
2f9d13fc1501209e574e8d86ad2cbf6b
a0521f04bf849a34a78b5c15caaa0b34e33a121b
96b9820d312b54059b3f8e84264b6b319fb7143d67ea46d38cfebd16460cae85

HTTP Headers

GET /static/DAAA/img/set-1/img-4.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: image/jpeg
content-length: 149540
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-24824"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/DAAA/img/set-1/img-1.jpg

54.39.22.228

200 OK

291 kB

URL HTTP/2
her-cupid.com/static/DAAA/img/set-1/img-1.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x1350, components 3\012- data
Size
291 kB (290615 bytes)
Hash
12b1bb2135d1607fc59e4045c702da89
c34a7a2e9bf1595ea2ee1d0c18eb428cfcd3ff4e
24458c7391089dcb49003286ed6aee0ec706d4279789fefc15fda4333fba5ed4

HTTP Headers

GET /static/DAAA/img/set-1/img-1.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: image/jpeg
content-length: 290615
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-46f37"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/DAAA/img/set-1/img-5.jpg

54.39.22.228

200 OK

204 kB

URL HTTP/2
her-cupid.com/static/DAAA/img/set-1/img-5.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1013x1350, components 3\012- data
Size
204 kB (204097 bytes)
Hash
7521e9a6aea4d17eaa1f6dc9c9eb75bf
c869ef5799e28537a238733d184e6b3707264635
5753c92dd3b978dcc4907476df776439c9c9bc2ce21e95e375ef223d9df44f0e

HTTP Headers

GET /static/DAAA/img/set-1/img-5.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: image/jpeg
content-length: 204097
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-31d41"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/DAAA/img/set-1/img-2.jpg

54.39.22.228

200 OK

343 kB

URL HTTP/2
her-cupid.com/static/DAAA/img/set-1/img-2.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x1350, components 3\012- data
Size
343 kB (343049 bytes)
Hash
fcc7e18f8fbe4b0682cd80992bc329c5
c637153efeb0f794364a930bc0344da1dbdb63e1
ede657e34689f40b1f0e873a58f781502f7f210d1259b5f8f983c15d49fa1047

HTTP Headers

GET /static/DAAA/img/set-1/img-2.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: image/jpeg
content-length: 343049
last-modified: Mon, 20 Jul 2020 09:46:28 GMT
etag: "5f1567f4-53c09"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
5fb1b00969a61dbe4cf154d12bc68526
9f98a58ae84a855d1609e152eb43c84d5ed625dd
ebda1916b9bd4b50644bfba66c0d46cc5071df5300328444f5e3dbf2d1d44bf9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5775
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 08:12:45 GMT
Last-Modified: Sun, 15 Jan 2023 06:36:30 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312

her-cupid.com/static/DAAA/favicon-150x150.png

54.39.22.228

200 OK

3.6 kB

URL HTTP/2
her-cupid.com/static/DAAA/favicon-150x150.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 kB (3559 bytes)
Hash
86f9929824fc0d3b444b16a1ba4df0b9
821aaf3136d30d89d6585ddb149a30a905c76f03
860e7731ef9de2da986b81c5a9c18d4695264ea58a03967601a1865827c19bfb

HTTP Headers

GET /static/DAAA/favicon-150x150.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_NMZPnGPDtXw=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJOTVpQbkdQRHRYdyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9Tk1aUG5HUER0WHcmdT0zNzc1NTIyMDQ3MjQ2MTg1ODUyIiwic2VhcmNoIjoiP2k9Tk1aUG5HUER0WHcmdT0zNzc1NTIyMDQ3MjQ2MTg1ODUyIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: image/png
content-length: 3559
last-modified: Mon, 20 Jul 2020 07:12:48 GMT
etag: "5f1543f0-de7"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/DAAA/favicon-16x16.png

54.39.22.228

200 OK

1.1 kB

URL HTTP/2
her-cupid.com/static/DAAA/favicon-16x16.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1129 bytes)
Hash
be401ad33728dd542f660a0ddd657a64
49b008b667dc9dd34ecab799199e5d7a1e9b0764
39b75cd90731e0f783ce97be98150f8ca304d2569edb8e95f23783b06fe26b5c

HTTP Headers

GET /static/DAAA/favicon-16x16.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_NMZPnGPDtXw=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJOTVpQbkdQRHRYdyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9Tk1aUG5HUER0WHcmdT0zNzc1NTIyMDQ3MjQ2MTg1ODUyIiwic2VhcmNoIjoiP2k9Tk1aUG5HUER0WHcmdT0zNzc1NTIyMDQ3MjQ2MTg1ODUyIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: image/png
content-length: 1129
last-modified: Mon, 20 Jul 2020 07:14:44 GMT
etag: "5f154464-469"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

301 Moved Permanently

166 B

URL HTTP/2
pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: openresty
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: text/html
content-length: 166
location: https://www.pornhub.com/video/manage?o=mr&t=pr2
x-frame-options: SAMEORIGIN
rating: RTA-5042-1996-1400-1577-RTA
set-cookie: __s=63C3B57D-42FE722901BB0498-7E7FF68; Secure; Samesite=None
__l=63C3B57D-42FE722901BB0498-7E7FF68; Secure; Samesite=None; Max-Age=31556926
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63C3B57D-42FE722901BB0498-7E7FF68
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
007f5b0324fc46d5261db510e899dd43
43c12d05e8970d0a2c453ac884501a063067edf1
6ff5e31774d44b7f597dfd2c4fd6114ef476e530d04205110f98c9c9557e8552

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 08:12:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 13 Jan 2023 15:37:40 GMT
Expires: Fri, 20 Jan 2023 15:37:39 GMT
Etag: "43c12d05e8970d0a2c453ac884501a063067edf1"
Cache-Control: max-age=458093,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789d25f26e20b51b-OSL

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
485f4d158ab32e1193cd4e328d5bfd00
7f6ff801a6f431edcd565d926b9539d9c4c2e6f8
bca425f3e8700e379d0b6d57b2f0adfdfedc6f313977b5aa4d5b90b7ae7b34fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCA425F3E8700E379D0B6D57B2F0ADFDFEDC6F313977B5AA4D5B90B7AE7B34FA"
Last-Modified: Sun, 15 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4132
Expires: Sun, 15 Jan 2023 09:21:37 GMT
Date: Sun, 15 Jan 2023 08:12:45 GMT
Connection: keep-alive

www.xvideos.com/favorite/90902157/mk_1123

185.88.181.9

404 Not Found

26 kB

URL HTTP/1.1
www.xvideos.com/favorite/90902157/mk_1123
IP
185.88.181.9:0
ASN
#46652 SERVERSTACK-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8628)
Size
26 kB (25898 bytes)
Hash
9aa7405be00bd29713fb444db231b10f
377ecb10303d9a04073b98e385269f021201da80
96fc98ceae321b0223f6e3972c301208b4b66809b056e488a503d17f2561f2a3

HTTP Headers

GET /favorite/90902157/mk_1123 HTTP/1.1
Host: www.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Date: Sun, 15 Jan 2023 08:12:45 GMT
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com 1868565294.rsc.cdn77.org https://www.xvideos.com https://wg-xvdev.xvideos.com *.trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com *.addthis.com *.addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ *.cdn77.org fcm.googleapis.com *.nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com *.googleapis.com *.cdn77.org *.pingdom.net *.exoclick.com *.exosrv.com *.realsrv.com *.orbsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com *.gtflixtv.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.cdn77.org *.trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com *.vscdns.com *.doubleclick.net *.google.fr *.google.com *.exoclick.com *.exosrv.com *.realsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net bmedia.justservingfiles.net;
Referrer-Policy: no-referrer-when-downgrade
Set-Cookie: session_token=17d4764530bc4fc174nELwNd0F-Nmar8vFNQlTzgSK7QJYKhOZ3HhJUMhPrmoIyjwjXqKj7bGUUqbWPfR7FPzDWjZlHlSzUJy-dEvGM2672S6BBGgL6LYPHip1V6hLCTOP2Zdl5OTbRQ5oR4fKOgLlXj1X0Xxb5hX6GBWQoQxVEJ2DWZhLVGeVs-4Qn0oA5_3eT-y_GFH5lcBrco; expires=Tue, 14-Feb-2023 08:12:45 GMT; Max-Age=2592000; path=/; domain=.xvideos.com
_ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: nginx

www.pornhubpremium.com/user/security/1111

66.254.114.33

302 Found

0 B

URL HTTP/1.1
www.pornhubpremium.com/user/security/1111
IP
66.254.114.33:0
ASN
#29789 REFLECTED

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /user/security/1111 HTTP/1.1
Host: www.pornhubpremium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
server: openresty
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Mon, 16-Jan-2023 08:12:45 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Sun, 22-Jan-2023 08:12:45 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
bs=xwp1k0wnfz8ws3wn9z3z05qfoxhj0qjz; expires=Wed, 12-Jan-2033 08:12:45 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None
ss=621354298673326502; expires=Mon, 15-Jan-2024 08:12:45 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1026
location: https://www.pornhubpremium.com/premium/login?redirect=xaPg3_RA6hKMiPIa05lNkQkQHuqkdBC7cWg15GMOFhegoIQMqGn5kwWv1IAuo2zt
x-frame-options: SAMEORIGIN
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63C3B57D-42FE722101BBCEEA-7E201AB

www.pornhubpremium.com/premium/login?redirect=xaPg3_RA6hKMiPIa05lNkQkQHuqkdBC7cWg15GMOFhegoIQMqGn5kwWv1IAuo2zt

66.254.114.33

200 OK

7.8 kB

URL HTTP/1.1
www.pornhubpremium.com/premium/login?redirect=xaPg3_RA6hKMiPIa05lNkQkQHuqkdBC7cWg15GMOFhegoIQMqGn5kwWv1IAuo2zt
IP
66.254.114.33:0
ASN
#29789 REFLECTED

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404)
Size
7.8 kB (7818 bytes)
Hash
9c463095c9d2af9675116984e9916613
20be3ed2a789e6679cd1b2d2f0e87669f5efb929
8b3d919aee5ec16c8e67597d1a3e52ea26f07838fbec3658b03793fdff070ec1

HTTP Headers

GET /premium/login?redirect=xaPg3_RA6hKMiPIa05lNkQkQHuqkdBC7cWg15GMOFhegoIQMqGn5kwWv1IAuo2zt HTTP/1.1
Host: www.pornhubpremium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bs=xwp1k0wnfz8ws3wn9z3z05qfoxhj0qjz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: openresty
date: Sun, 15 Jan 2023 08:12:46 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Mon, 16-Jan-2023 08:12:46 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Sun, 22-Jan-2023 08:12:46 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
ss=142026958132940772; expires=Mon, 15-Jan-2024 08:12:46 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
fg_0d2ec4cbd943df07ec161982a603817e=18062.100000; expires=Tue, 14-Feb-2023 08:12:46 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure
ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Tue, 14-Feb-2023 08:12:46 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63C3B57D-42FE722101BBCEEA-7E2021E

her-cupid.com/DwAA/10066/oth?i=NMZPnGPDtXw&u=3775522047246185852

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/DwAA/10066/oth?i=NMZPnGPDtXw&u=3775522047246185852
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /DwAA/10066/oth?i=NMZPnGPDtXw&u=3775522047246185852 HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dateexotic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:44 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

her-cupid.com/stats

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 365
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_NMZPnGPDtXw=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJOTVpQbkdQRHRYdyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9Tk1aUG5HUER0WHcmdT0zNzc1NTIyMDQ3MjQ2MTg1ODUyIiwic2VhcmNoIjoiP2k9Tk1aUG5HUER0WHcmdT0zNzc1NTIyMDQ3MjQ2MTg1ODUyIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoibG9hZCIsImRhdGEiOnsicmVzcG9uc2VTdGFydCI6MTY5MSwiZG9tSW50ZXJhY3RpdmUiOjE5MzMsImRvbUNvbXBsZXRlIjoyNDExfX0=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

her-cupid.com/stats

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 302
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_NMZPnGPDtXw=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJOTVpQbkdQRHRYdyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0R3QUEvMTAwNjYvb3RoP2k9Tk1aUG5HUER0WHcmdT0zNzc1NTIyMDQ3MjQ2MTg1ODUyIiwic2VhcmNoIjoiP2k9Tk1aUG5HUER0WHcmdT0zNzc1NTIyMDQ3MjQ2MTg1ODUyIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJ4dmlkIjoiZmFsc2UifX0=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 15 Jan 2023 08:12:46 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

dateexotic.com/agEA?usid=s8hnpa1a7i76&email=stemplin%40slurpmail.net&sub1=clear2_main&prid=s8hnpa1a7i76

172.67.159.164

200 OK

0 B

URL HTTP/2
dateexotic.com/agEA?usid=s8hnpa1a7i76&email=stemplin%40slurpmail.net&sub1=clear2_main&prid=s8hnpa1a7i76
IP
172.67.159.164:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /agEA?usid=s8hnpa1a7i76&email=stemplin%40slurpmail.net&sub1=clear2_main&prid=s8hnpa1a7i76 HTTP/1.1
Host: dateexotic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 15 Jan 2023 08:12:43 GMT
content-type: text/html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5OdN%2BlG5mvvHEWC%2Fh1KpsqHj%2B%2FJdzP%2FtEeZLKy0oLUDyTUpIdcFB4gwZmci9rf%2BxKYMyDC24rh8QUVG81maAuKi5TqhwnjUSUFyEylpIqgKz5kAw4b%2BCLVYMN3Sn7BP6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 789d25e1abe2b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

app.api-push.com/get-keys

172.64.162.28

200 OK

0 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 174
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu8IA76CJxp1tBMnPk9qqKpxa8T7F%2BPbDR2b%2FO8Nr3e4ar5vszFHN1ihtMhwVly5BZC61pYYW%2BcBTpTw6bEuvOeookhgyxaI5MRY7Di8WzyhZRtJ7T1nD5QauAwQppOVYfl9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789d25efcb4972ea-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

302 Found

0 B

URL HTTP/2
www.pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sun, 15 Jan 2023 08:12:45 GMT
content-type: text/html; charset=UTF-8
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Mon, 16-Jan-2023 08:12:45 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure
platform=pc; expires=Sun, 22-Jan-2023 08:12:45 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
bs=935pppnm342qxh601ylax9ri7bbqzy6a; expires=Wed, 12-Jan-2033 08:12:45 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None
ss=149034443300710848; expires=Mon, 15-Jan-2024 08:12:45 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=24901.100000; expires=Tue, 14-Feb-2023 08:12:45 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=63C3B57D-42FE722901BB0498-7E8001F; Secure; Samesite=None
__l=63C3B57D-42FE722901BB0498-7E8001F; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1041
location: /login
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63C3B57D-42FE722901BB0498-7E8001F
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML