Report - dateexotic.com/agEA?usid=l22h85135nfj&email=jerome.derramond@slurpmail.net&sub1=clear

Report Overview

Submitted URL
dateexotic.com/agEA?usid=l22h85135nfj&email=jerome.derramond@slurpmail.net&sub1=clear_main&prid=l22h85135nfj
IP
104.21.34.109
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-25 10:04:52
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	9.8 kB	23.36.76.226
alexatracker.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.2 kB	104.21.85.99
js.sentry-cdn.com	5259	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	1.7 kB	151.101.2.217
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	32 kB	142.250.74.106
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	728 B	3.4 kB	142.250.74.10
browser.sentry-cdn.com	4393	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	21 kB	151.101.2.217
lh3.google.com	213	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	956 B	142.250.74.142
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.4 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
accounts.google.com	81	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	4.6 kB	216.58.207.237
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
www2.dateexotic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	934 B	1.3 kB	172.67.159.164
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	9.8 kB	142.250.74.3
app.api-push.com	307671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	859 B	2.9 kB	172.64.138.29
o65532.ingest.sentry.io	747982	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	577 B	469 B	34.120.195.249
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
www.pornhub.com	10781	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	353 B	1.2 kB	66.254.114.41
cdnjam.com	204001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	326 B	954 B	172.67.166.71
dateexotic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	6.3 kB	104.21.34.109
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.166.172.24
her-cupid.com	698724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.2 kB	349 kB	54.39.22.228
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	982 B	43 kB	216.58.207.195
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.76.226
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	3.7 kB	157.240.200.35
www.pornhubpremium.com	142013	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	1.1 kB	66.254.114.33
www.xvideos.com	11464	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	33 kB	185.88.181.8

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	dateexotic.com/static/js/build/bd.js	Phishing
2022-11-25	medium	her-cupid.com/stats	Phishing
2022-11-25	medium	her-cupid.com/stats	Phishing
2022-11-25	medium	her-cupid.com/stats	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	cdnjam.com/cdn/push.min.js	36 kB	2023-03-07	2024-04-19
Pretty URL cdnjam.com/cdn/push.min.js IP 172.67.166.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:20 Last Seen2024-04-19 15:59:32 Times Seen140 Hash 44c9e373bc246e347c8420a2eb8f54d4 5eb6010833c0c873766407c7a51ea5eafe69dbdf 2dac93602a4e47e156b8b54455dfdcd7a7a4901ab33f2a0c2c416a395e1ebda5 Loading...

	js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js	1.9 kB	2023-03-11	2023-03-11
Pretty URL js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js IP 151.101.2.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:27:42 Last Seen2023-03-11 22:27:37 Times Seen1 Hash 5e6a1380d56aee5edbeb58dba3517242 d695d5f497e2fd067a1f0533fce9f83c093ce422 e4e3163ff96a3b212f0966cbf40777b91b24e63d7f145d9b86978e5b98148055 Loading...

	her-cupid.com/BAAA/10063/oth?i=CGSlP2OAkzs&u=5258715709298479930	541 B	2023-03-08	2023-05-21
Pretty URL her-cupid.com/BAAA/10063/oth?i=CGSlP2OAkzs&u=5258715709298479930 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-05-21 20:14:57 Times Seen64 Hash 7fbdaafa595648042e44880998db47d6 c0908c1f668700c134efbef4e5b80cbd84d08d55 cd69bfc221f9a450b2e461c17360c700c0a8efa0235a6cef616ce0c200a3b546 Loading...

	her-cupid.com/BAAA/10063/oth?i=CGSlP2OAkzs&u=5258715709298479930	94 B	2023-03-08	2023-03-13
Pretty URL her-cupid.com/BAAA/10063/oth?i=CGSlP2OAkzs&u=5258715709298479930 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-03-13 06:54:02 Times Seen1 Hash abd83097ff968509c2d13a68695d83d2 46bf322c6a7a8b3f2310176d14d94e76c97c366c 954970561be7c748848a5268a58ea2d6a2a3f319a1ebd3b3f1df6f4d640e4af6 Loading...

	her-cupid.com/BAAA/10063/oth?i=CGSlP2OAkzs&u=5258715709298479930	18 kB	2023-03-08	2023-03-11
Pretty URL her-cupid.com/BAAA/10063/oth?i=CGSlP2OAkzs&u=5258715709298479930 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:56:30 Last Seen2023-03-11 23:49:30 Times Seen1 Hash 2cb86b8e3f9337f911f972df71e810ab 77e66a90748f497b9e4acf744db4ae14aea0958f 2f253a081ac441b4b1f882b44b2c5cbf3c173b3138d1c7ffee78777c598ae55c Loading...

	www.pornhubpremium.com/user/security/1111	24 kB	2023-03-11	2023-03-11
Pretty URL www.pornhubpremium.com/user/security/1111 IP 66.254.114.33 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:45:42 Last Seen2023-03-11 19:45:42 Times Seen1 Hash 33c92da7557a1c64cccbbee3040694f4 c0717cf8709c35b674be1ff6c0ed9e92adaff552 ca31d9ead06c57b4f983b374828038fb11c1b9f5a2c847795e860ccf441ab3ef Loading...

	dateexotic.com/static/js/build/bd.js	9.6 kB	2023-03-08	2024-02-28
Pretty URL dateexotic.com/static/js/build/bd.js IP 104.21.34.109 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2024-02-28 12:28:08 Times Seen126 Hash f6069a3618aaf83f49bc275cefdabc62 941b46212809c234480798ed57cef569ab4316f3 56f971147c45eee57e6c99f09f4cd65f7a1a47a87b9be4814708de41decb0cd5 Loading...

	dateexotic.com/agEA?usid=l22h85135nfj&email=jerome.derramond@slurpmail.net&sub1=clear_main&prid=l22h85135nfj	522 B	2023-03-08	2023-03-13
Pretty URL dateexotic.com/agEA?usid=l22h85135nfj&email=jerome.derramond@slurpmail.net&sub1=clear_main&prid=l22h85135nfj IP 104.21.34.109 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-03-13 02:11:38 Times Seen1 Hash fb67996fc9e5dfeb461edb47f6c08026 5a1d96bbf8a04ff725cfdc3dce298183a4736684 29838d2d65b29af9d0645f1913b789e92fecf1dcc260094bbcf2469aa6171e9b Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-19 17:59:42 Times Seen138312 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	browser.sentry-cdn.com/7.21.1/bundle.es5.min.js	62 kB	2023-03-08	2023-03-13
Pretty URL browser.sentry-cdn.com/7.21.1/bundle.es5.min.js IP 151.101.2.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:38 Last Seen2023-03-13 07:55:24 Times Seen1 Hash 6d65fcee215400ceb4eee35fbff48362 82674ebed271e5d15cfa5cd54f172765b3147e41 20fee5be91c7a81eb242eecf7fd4966a84e61abcaef6072f4507d368290741d0 Loading...

HTTP Transactions (76)

URL IP Response Size

dateexotic.com/agEA?usid=l22h85135nfj&email=jerome.derramond@slurpmail.net&sub1=clear_main&prid=l22h85135nfj

104.21.34.109

200 OK

907 B

URL HTTP/1.1
dateexotic.com/agEA?usid=l22h85135nfj&email=jerome.derramond@slurpmail.net&sub1=clear_main&prid=l22h85135nfj
IP
104.21.34.109:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
907 B (907 bytes)
Hash
f644572248ce42c31779d65845c95277
6963b52cff901ae5ce3eb250820dcaef46cc9388
0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0

HTTP Headers

GET /agEA?usid=l22h85135nfj&email=jerome.derramond@slurpmail.net&sub1=clear_main&prid=l22h85135nfj HTTP/1.1
Host: dateexotic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 10:04:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5i7wT1xE6KVcPPjPYQQ9BpUhhUzjK9Zn5jZRKp84vWdsN2OcK5M2r8BrseQyUoPXslCQ5dOX8vTOUUnBVM5OxWPlMAd4ogaegsDhCf7kqVGu3kwUDpDh5TVBXK%2B%2FRi1Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f98fc7993a1c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9132
Expires: Fri, 25 Nov 2022 12:36:53 GMT
Date: Fri, 25 Nov 2022 10:04:41 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2193
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:41 GMT
Last-Modified: Fri, 25 Nov 2022 09:28:08 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 09:19:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2737
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13389
Expires: Fri, 25 Nov 2022 13:47:50 GMT
Date: Fri, 25 Nov 2022 10:04:41 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: /m81I/z6vPSB/al8/RjuRWnqlpDL56otUvTVXdyiKPj5ikDyApf3zcASP3xj1xUsx1eger+2OQ8=
x-amz-request-id: S48EYA0HN79DF90X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 09:40:45 GMT
age: 1436
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 10:04:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

dateexotic.com/static/js/build/bd.js

104.21.34.109

200 OK

3.6 kB

URL HTTP/1.1
dateexotic.com/static/js/build/bd.js
IP
104.21.34.109:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (8033)
Size
3.6 kB (3566 bytes)
Hash
cfed7ea7fab839427d802070c1a7c3a8
e2bb93dbb83ed6edf4563709e395bf1747d16979
f33bcea37e8bb80f4a054283ec3fee0a4d40929979ff0e1f7b5b67f04c5b7649

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/build/bd.js HTTP/1.1
Host: dateexotic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dateexotic.com/agEA?usid=l22h85135nfj&email=jerome.derramond@slurpmail.net&sub1=clear_main&prid=l22h85135nfj

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 10:04:42 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76f98fca4bf31c16-OSL
Age: 35786
ETag: W/"static/js/build/bd.3ad9d77bdd.js"
Vary: Accept-Encoding
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwjiPUkZjIyL1eWMRW0Wh7DiO0LJb8%2BU3z63bL0C5yb0QUomghw6dTT5CtbjZ8yATkRAHpParBjJUTNMBYBYe4GYzZYayHRP98KspK1OmBxn1hzqVKmn8fG3pHvURAu%2B7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

dateexotic.com/favicon.ico

104.21.34.109

200 OK

47 B

URL HTTP/1.1
dateexotic.com/favicon.ico
IP
104.21.34.109:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
47 B (47 bytes)
Hash
2f3ca1d38e8b18ef00c4a0eff0889cfc
2f28ed1ccf7c08cf22491757fe20385249db162e
af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dateexotic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dateexotic.com/agEA?usid=l22h85135nfj&email=jerome.derramond@slurpmail.net&sub1=clear_main&prid=l22h85135nfj

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 10:04:42 GMT
Content-Type: image/gif
Content-Length: 47
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfPQV5Ihc%2B%2BmShO2LNleJk5Vmfpc5GLp%2FtxRLZUKvGhT9GufzTteQ5%2B5uEPJINbiUVVr9No4VzB%2F0F4ihQBDvHUqeo%2BBgb3eajWMMrFA5HY8gUVqipSwAdQL%2FEBO45zicA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f98fcbcdb11c16-OSL
alt-svc: h2=":443"; ma=60

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
5cdecfc204af938b3a8e09006559438e
3d2868b038777b41b955b821769f57aeed456e0a
8ed24f0c8d1f6cc927e5a4d7154d4df330757762dddc0effe36d347997afde4a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8ED24F0C8D1F6CC927E5A4D7154D4DF330757762DDDC0EFFE36D347997AFDE4A"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10431
Expires: Fri, 25 Nov 2022 12:58:33 GMT
Date: Fri, 25 Nov 2022 10:04:42 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:11:11 GMT
cache-control: public,max-age=3600
age: 3211
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6572
Cache-Control: max-age=89499
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:42 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:56:21 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
5cdecfc204af938b3a8e09006559438e
3d2868b038777b41b955b821769f57aeed456e0a
8ed24f0c8d1f6cc927e5a4d7154d4df330757762dddc0effe36d347997afde4a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8ED24F0C8D1F6CC927E5A4D7154D4DF330757762DDDC0EFFE36D347997AFDE4A"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10431
Expires: Fri, 25 Nov 2022 12:58:33 GMT
Date: Fri, 25 Nov 2022 10:04:42 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ef42f405a4b2624f8d45297dabae1422
4147a26c7ab8fc3d173d15be5b4111fcf4f9c8a1
ed2f9e05177368420a430de4190ed88c7402ffd95ed150c7fbb00622c683612f

HTTP Headers

POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1sMjJoODUxMzVuZmomZW1haWw9amVyb21lLmRlcnJhbW9uZCU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9bDIyaDg1MTM1bmZqJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=649fcfb5884f797fb0d1d94f793f190f

104.21.85.99

301 Moved Permanently

0 B

URL HTTP/2
alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1sMjJoODUxMzVuZmomZW1haWw9amVyb21lLmRlcnJhbW9uZCU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9bDIyaDg1MTM1bmZqJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=649fcfb5884f797fb0d1d94f793f190f
IP
104.21.85.99:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1sMjJoODUxMzVuZmomZW1haWw9amVyb21lLmRlcnJhbW9uZCU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9bDIyaDg1MTM1bmZqJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=649fcfb5884f797fb0d1d94f793f190f HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dateexotic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Fri, 25 Nov 2022 10:04:42 GMT
content-length: 0
location: https://www2.dateexotic.com/agEA?usid=l22h85135nfj&email=jerome.derramond%40slurpmail.net&sub1=clear_main&prid=l22h85135nfj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=5258715709298479930&c=2787228879
set-cookie: trbarid=5258715709298479930;expires=Sun, 24 Nov 2024 10:04:42 GMT;secure;HttpOnly;SameSite=None;path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0AkIAibehvAU%2FGNyTvhltiH2TCr54KveUatDRfgX7IKSo3z2Vn7b7%2FfNj8Tb3xZHEfzO0Y%2BELaOPpfj2ZO%2F%2Brypr%2FA7ZfKwqIW%2FtJ0hq%2Fe7FfWISUn1UQUuh7NoQ2LrsTAj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f98fd028920af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ef42f405a4b2624f8d45297dabae1422
4147a26c7ab8fc3d173d15be5b4111fcf4f9c8a1
ed2f9e05177368420a430de4190ed88c7402ffd95ed150c7fbb00622c683612f

HTTP Headers

POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.166.172.24

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.166.172.24:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IDpbhilr3iRx9e1DeQJhwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5Fz5s+rW8JFp/QxDnSpehgSdo5A=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6fbcfe846f488e642e75632ecdf14f81
979a93f518c584e468ae7fef8f181e22a15153a1
50ae671bb0e4143f8e7c04cc4378a0267717608f88818899f643175b45923614

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50AE671BB0E4143F8E7C04CC4378A0267717608F88818899F643175B45923614"
Last-Modified: Thu, 24 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1603
Expires: Fri, 25 Nov 2022 10:31:26 GMT
Date: Fri, 25 Nov 2022 10:04:43 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js

151.101.2.217

200 OK

1.0 kB

URL HTTP/2
js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js
IP
151.101.2.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (512)
Size
1.0 kB (1021 bytes)
Hash
3b07f6f3625abf8ad4dafd7b821ad69e
304bbec923fc251222f5d8bf87ff13244ac12201
7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d

HTTP Headers

GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1
Host: js.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 12
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 10:04:43 GMT
age: 44
x-served-by: getsentry-web-default-common-production-5c68b88dcb-rwn7r, cache-bma1678-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1021
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8cec0b45cf4401eb34e06558e310e6e4
2fd79044bad9608cc356f96f13b38cb4713c7bfd
cb9d4a619489f65ed1110117ef4da7e372f219a46e48d51e40ad4d8c7a59e170

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4214
Cache-Control: max-age=103692
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:43 GMT
Etag: "637f74d1-117"
Expires: Sat, 26 Nov 2022 14:52:55 GMT
Last-Modified: Thu, 24 Nov 2022 13:42:41 GMT
Server: ECS (amb/6B7C)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 08:46:23 GMT
expires: Sat, 25 Nov 2023 08:46:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 4700
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:100,400,700,900

142.250.74.10

200 OK

854 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:100,400,700,900
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
854 B (854 bytes)
Hash
3126b204dc649733f2e24586dec2aac5
d9c317897720d911f9dc48cc9deb513ceff4d0b1
9194d02d51648000304a5247b94ca6de6f4c31db1a62b6a5540618e180cc9378

HTTP Headers

GET /css?family=Montserrat:100,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 10:04:43 GMT
date: Fri, 25 Nov 2022 10:04:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

her-cupid.com/BAAA/10063/oth?i=CGSlP2OAkzs&u=5258715709298479930

54.39.22.228

200 OK

17 kB

URL HTTP/2
her-cupid.com/BAAA/10063/oth?i=CGSlP2OAkzs&u=5258715709298479930
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
data
Size
17 kB (16706 bytes)
Hash
b42866795e8278098921e16d733c7133
1595079924d5c4bbe3459db6c11cf18699f5aeb2
d79541fd580c644adce48c38b5a700b0da3a7c41811d8353bbb532442d2dae56

HTTP Headers

GET /BAAA/10063/oth?i=CGSlP2OAkzs&u=5258715709298479930 HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dateexotic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 10:04:43 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

browser.sentry-cdn.com/7.21.1/bundle.es5.min.js

151.101.2.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.21.1/bundle.es5.min.js
IP
151.101.2.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62012)
Size
20 kB (20162 bytes)
Hash
66704d64b742c25f1edefdf90adf3f2f
5f54e6f7e7e066f91aa129fa2a877618916aacb1
3721238a0def27bd8523c1d7e917f469ccf2e5a8d4361755d2e02be616981050

HTTP Headers

GET /7.21.1/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 23 Nov 2023 17:02:22 GMT
last-modified: Wed, 23 Nov 2022 11:53:26 GMT
etag: "66704d64b742c25f1edefdf90adf3f2f"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 10:04:44 GMT
age: 147741
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20162
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e06a8dc90630612579b6720d2a6d530a
f83ff0f2d1925d7757f9afd075311eef7d07179a
9a714c1d65b8266da215aae616a3a4b4b1999c1f44a5015a49d33bb2e2576bcc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A714C1D65B8266DA215AAE616A3A4B4B1999C1F44A5015A49D33BB2E2576BCC"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9102
Expires: Fri, 25 Nov 2022 12:36:26 GMT
Date: Fri, 25 Nov 2022 10:04:44 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 62666
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

216.58.207.195

200 OK

10 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data
Size
10 kB (10172 bytes)
Hash
58e5c92fd1a1fc89b8ca6d74ce4793b8
337771c465778aeed6de18195e0cbe9d9098d299
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

HTTP Headers

GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:20:46 GMT
expires: Fri, 24 Nov 2023 21:20:46 GMT
cache-control: public, max-age=31536000
age: 45838
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1

34.120.195.249

200 OK

2 B

URL HTTP/2
o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1
IP
34.120.195.249:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1 HTTP/1.1
Host: o65532.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://her-cupid.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://her-cupid.com
Content-Length: 426
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 10:04:44 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://her-cupid.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.api-push.com/get-keys

172.64.138.29

204 No Content

0 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.138.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 25 Nov 2022 10:04:44 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bV0jskMqfkwRAH%2B4A3MDAjBSaLBn3H7S1Rd8f6SElF2Y2k3tUdRtrm3y%2FyX4aySqwaAqhnbHMagYO6HY6Xcs9HknaA1K%2Fk0SO2kCyqcCoCCuSDlbQCUNSqriW4JhuNXqRvAq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f98fd77aa971e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e06a8dc90630612579b6720d2a6d530a
f83ff0f2d1925d7757f9afd075311eef7d07179a
9a714c1d65b8266da215aae616a3a4b4b1999c1f44a5015a49d33bb2e2576bcc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A714C1D65B8266DA215AAE616A3A4B4B1999C1F44A5015A49D33BB2E2576BCC"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9102
Expires: Fri, 25 Nov 2022 12:36:26 GMT
Date: Fri, 25 Nov 2022 10:04:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17220
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 10:04:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17220
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 10:04:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17220
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 10:04:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17220
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 10:04:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17220
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 10:04:44 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8917 bytes)
Hash
5863138af1ddbba34a7856242a7b3a06
2eba66ff6539388c48562503e8d11ff0e060350a
d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr9z8FWWpMGtxtvcYzeT-ewuydSzpma8I06pszLDQIICotFkB_SZlA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:30 GMT
age: 43754
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11743 bytes)
Hash
8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 43799
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8089 bytes)
Hash
c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 43032
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3955 bytes)
Hash
4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 20504
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6385 bytes)
Hash
f6292a2988fb4505d0098553b8e99ddc
9b8aafcda0e22edcc16d3048f4b88659d3b42419
16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:35:26 GMT
age: 8958
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7900 bytes)
Hash
d43ec6824d4fdc4d31b8c245bf8c5849
81f85633fca39972d8e0bf9a4ec7cd999e54564f
b0e521b23879af86102f46a9ec412faf6345df31a97a7b58880f63f81fdcd0c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7900
x-amzn-requestid: a9d184b1-3b4a-4ca6-9ad2-ce3aac10f422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB91H2IIAMFjGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38b-5732361f36c023c22c922ee9;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cRreyOCHys8rW4UWA3JSMhtOiiltT6ULxxgi9aLM7sw07UruCXgPkQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:13:14 GMT
age: 42690
etag: "81f85633fca39972d8e0bf9a4ec7cd999e54564f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

her-cupid.com/static/BAAA/3-1.png

54.39.22.228

200 OK

480 B

URL HTTP/2
her-cupid.com/static/BAAA/3-1.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
480 B (480 bytes)
Hash
37ad09484eb1a7e103c1bba69ec3408d
950c14767d959c154d2ba2ceaa7867b8809731e5
1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2

HTTP Headers

GET /static/BAAA/3-1.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://her-cupid.com/static/BAAA/style.css
Cookie: slappInfo64_CGSlP2OAkzs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJDR1NsUDJPQWt6cyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwic2VhcmNoIjoiP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 10:04:44 GMT
content-type: image/png
content-length: 480
last-modified: Wed, 26 Sep 2018 08:25:30 GMT
etag: "5bab427a-1e0"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Oswald:700

142.250.74.10

200 OK

1.0 kB

URL HTTP/2
fonts.googleapis.com/css?family=Oswald:700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.0 kB (1031 bytes)
Hash
b20122b7bb814120a410d4dcfb1a2225
bf40c9d70b6711f743424d3e00823cb97be07590
7ffd5ceb0d2c0ba3028f478b5f65bd1d552cf3e1d65501c836e990da68ac0ae5

HTTP Headers

GET /css?family=Oswald:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 10:04:43 GMT
date: Fri, 25 Nov 2022 10:04:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

her-cupid.com/static/BAAA/fon-black-3.jpg

54.39.22.228

200 OK

319 kB

URL HTTP/2
her-cupid.com/static/BAAA/fon-black-3.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size
319 kB (319308 bytes)
Hash
f56a3caa703a84b5344c5c75aaed3364
10bec291e7266499c9f5d3142aaf4207480cfda7
49e3ca223d626e90cdd7359a48a9cb992ec54cca5cc059a8e5347b61e55fda98

HTTP Headers

GET /static/BAAA/fon-black-3.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://her-cupid.com/static/BAAA/style.css
Cookie: slappInfo64_CGSlP2OAkzs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJDR1NsUDJPQWt6cyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwic2VhcmNoIjoiP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 10:04:44 GMT
content-type: image/jpeg
content-length: 319308
last-modified: Wed, 26 Sep 2018 08:25:30 GMT
etag: "5bab427a-4df4c"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4900
Cache-Control: max-age=159808
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:44 GMT
Etag: "63804d58-1d7"
Expires: Sun, 27 Nov 2022 06:28:12 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:32 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100

142.250.74.142

302 Found

337 B

URL HTTP/2
lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
337 B (337 bytes)
Hash
66a43eafe19fd2e9782007272dd06ced
9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb

HTTP Headers

GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:04:44 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/v14.0/plugins/like.php

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/v14.0/plugins/like.php
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v14.0/plugins/like.php HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 5Xkppym4rbKqA5e6mkCly18D3/kd4+uq1jSRnzGfaYI2GHADyIK1WUpsYkoBpY/tz7gp33tNfOYHVBvYbj3fZw==
content-length: 0
date: Fri, 25 Nov 2022 10:04:44 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

her-cupid.com/static/BAAA/favicon-150x150.png

54.39.22.228

200 OK

2.6 kB

URL HTTP/2
her-cupid.com/static/BAAA/favicon-150x150.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 270 x 270, 8-bit gray+alpha, non-interlaced\012- data
Size
2.6 kB (2634 bytes)
Hash
a942a3268453194d872f5fd38f01d316
d4a851f12cc7024050cbf7c99642004299e28a28
39df9ff9ca533925141252942c2ca3ab78abc75641923367d302c03352fe19e4

HTTP Headers

GET /static/BAAA/favicon-150x150.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_CGSlP2OAkzs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJDR1NsUDJPQWt6cyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwic2VhcmNoIjoiP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 10:04:44 GMT
content-type: image/png
content-length: 2634
last-modified: Tue, 04 Dec 2018 15:24:42 GMT
etag: "5c069c3a-a4a"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

app.api-push.com/get-keys

172.64.138.29

200 OK

1.3 kB

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.138.29:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (1940), with no line terminators
Size
1.3 kB (1332 bytes)
Hash
db14521cd92a8942b0af59e0a39d6ce1
c54966027454390a99efef315b725e9f8911ae94
656d57410e6e836c7a5cf0e180ea71443470792837e19c5ea312ab0eaf890c1b

HTTP Headers

POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 174
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:04:44 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaERyoGS%2BJVhqbICfxrIT7gOjajpiX11ZMUnksRms2tkHof2kS6nbnCx9P4puGFb74JISDNIwCumlVZ4E9adb0H4sB%2Bl3G4zBjkY0lhDA%2FV6wN5CGAWaixXbqMCk%2BA3qfPA%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f98fd80bd071e6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e61028bc752671cea11924bc1a42a422
b2555d630c063dda53f0e5a84324759e42b48352
23c45f9941b1a476fe0cd4650c9ea13a22e05e5640025e380b13faa4997109ca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4900
Cache-Control: max-age=159808
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:44 GMT
Etag: "63804d58-1d7"
Expires: Sun, 27 Nov 2022 06:28:12 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:32 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en

216.58.207.237

302 Found

408 B

URL HTTP/2
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (386)
Size
408 B (408 bytes)
Hash
59a423fc379b3808df6e199a97f25105
d56a5e830b2d420d84ccb9d5e70910af1a1dca07
6abc7a837f06335c08be7246f2d80d8a29337a4c42d0eb4592f0d31428250946

HTTP Headers

GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 10:04:44 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-888373789%3A1669370684618150&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAujtU22zqza8u_KnGBsn9iF2ouo8zzxpV919IwCBRiSAG9vF9A3I0mmCEfof6Yx09VkTNugtQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-1o2qREjjAtFCWzVdV2jREw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 408
server: GSE
set-cookie: __Host-GAPS=1:sVYlC2wUQhg2vTj4RMlNWyy7FDnnWQ:ExELasFW8sC36Uqp;Path=/;Expires=Sun, 24-Nov-2024 10:04:44 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ca7a91a05000575c821d414cf06ec921
3aed15e7cbcb2f5e9206d2061853c0e69624dfae
798d484f2090885bd7c7f45ac6be0fccb0052aa0eb0488be98b6eda945d21f2f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "798D484F2090885BD7C7F45AC6BE0FCCB0052AA0EB0488BE98B6EDA945D21F2F"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9849
Expires: Fri, 25 Nov 2022 12:48:53 GMT
Date: Fri, 25 Nov 2022 10:04:44 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
6a4f39955fe74f06d9dda6b0573a999b
de1dd7eb935f2935dd124aece86b75aac3de15bc
c6419dc7d03312373de135772fbcdaf4e5791113ac179238581f3b44a664312a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2775
Cache-Control: max-age=123863
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 10:04:44 GMT
Etag: "637fc93c-139"
Expires: Sat, 26 Nov 2022 20:29:07 GMT
Last-Modified: Thu, 24 Nov 2022 19:42:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313

accounts.google.com/v3/signin/identifier?dsh=S-888373789%3A1669370684618150&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAujtU22zqza8u_KnGBsn9iF2ouo8zzxpV919IwCBRiSAG9vF9A3I0mmCEfof6Yx09VkTNugtQ

216.58.207.237

403 Forbidden

969 B

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S-888373789%3A1669370684618150&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAujtU22zqza8u_KnGBsn9iF2ouo8zzxpV919IwCBRiSAG9vF9A3I0mmCEfof6Yx09VkTNugtQ
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
data
Size
969 B (969 bytes)
Hash
8d34875c48e10f2602bdfb36defbc112
91baffe6d503330c1a8e4d9402686c7e94e90da6
110e45f31095df883ca181e750852c02cde76cf05bbf9f6bebc0d78dcae52632

HTTP Headers

GET /v3/signin/identifier?dsh=S-888373789%3A1669370684618150&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAujtU22zqza8u_KnGBsn9iF2ouo8zzxpV919IwCBRiSAG9vF9A3I0mmCEfof6Yx09VkTNugtQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 10:04:44 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-7fn723To4pjO9Dm9Xs0rnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.pornhubpremium.com/user/security/1111

66.254.114.33

302 Found

0 B

URL HTTP/1.1
www.pornhubpremium.com/user/security/1111
IP
66.254.114.33:0
ASN
#29789 REFLECTED

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /user/security/1111 HTTP/1.1
Host: www.pornhubpremium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
server: openresty
date: Fri, 25 Nov 2022 10:04:44 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sat, 26-Nov-2022 10:04:44 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Fri, 02-Dec-2022 10:04:44 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
bs=gfnric1zyhi6bo0bnbdssu5fijok2kt8; expires=Mon, 22-Nov-2032 10:04:44 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None
ss=180899709876616679; expires=Sat, 25-Nov-2023 10:04:44 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1026
location: https://www.pornhubpremium.com/premium/login?redirect=oYJ7RHXsU9f0Wkz1l4VIg8JCDhGTwuhrp48oMEGx4bYMH7i14jRBfGJVmFBUS6g9
x-frame-options: SAMEORIGIN
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6380933C-42FE722101BBB417-2BE1FB2

her-cupid.com/user-id?nbl=&impression=CGSlP2OAkzs&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FBAAA%2F10063%2Foth%3Fi%3DCGSlP2OAkzs%26u%3D5258715709298479930&search=%3Fi%3DCGSlP2OAkzs%26u%3D5258715709298479930&contactExists=false

54.39.22.228

200 OK

7.8 kB

URL HTTP/2
her-cupid.com/user-id?nbl=&impression=CGSlP2OAkzs&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FBAAA%2F10063%2Foth%3Fi%3DCGSlP2OAkzs%26u%3D5258715709298479930&search=%3Fi%3DCGSlP2OAkzs%26u%3D5258715709298479930&contactExists=false
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JSON data\012- data
Size
7.8 kB (7832 bytes)
Hash
dd6c1c81a8dbf1650fad659aa7dbf43e
06fc65a76162abad33905f9c1aa5f53396ba60b9
106166a6e29eeec0023a1f24c42ddf12ab0dcb7835d3199a51bf45441c976101

HTTP Headers

GET /user-id?nbl=&impression=CGSlP2OAkzs&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FBAAA%2F10063%2Foth%3Fi%3DCGSlP2OAkzs%26u%3D5258715709298479930&search=%3Fi%3DCGSlP2OAkzs%26u%3D5258715709298479930&contactExists=false HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: slappInfo64_CGSlP2OAkzs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJDR1NsUDJPQWt6cyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwic2VhcmNoIjoiP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 10:04:44 GMT
content-type: application/json; charset=UTF-8
set-cookie: userid=8fe99180fe23eb2502414137960d0e500003f452b4afe47e142473ed10a3f7e7a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A950946213866%3B%7D; expires=Sun, 26-Nov-2023 06:21:24 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5384a0bc98edc2f290c87b1476743c51
eea3711c3f179d1014607f0fe466cac35c7c29d6
96d1431d0c1518c5f76407d699478c113457f9256e22f7db049daeffd630731f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 10:04:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 19:48:06 GMT
Expires: Tue, 29 Nov 2022 19:48:05 GMT
Etag: "eea3711c3f179d1014607f0fe466cac35c7c29d6"
Cache-Control: max-age=380000,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f98fdbc976b500-OSL

www.xvideos.com/favorite/90902157/mk_1123

185.88.181.8

404 Not Found

26 kB

URL HTTP/1.1
www.xvideos.com/favorite/90902157/mk_1123
IP
185.88.181.8:0
ASN
#46652 SERVERSTACK-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8644)
Size
26 kB (25865 bytes)
Hash
915eb6af2dce70759028dec37f1a69d4
53fc6ff5d8e42a127fa29d6d67f65dceed0cfc56
b7ce4cb00f90f336b823b221908f5148dec188076ba1daf80b9c5a8d7045092e

HTTP Headers

GET /favorite/90902157/mk_1123 HTTP/1.1
Host: www.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 10:04:45 GMT
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com *.trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com *.addthis.com *.addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ *.hwcdn.net fcm.googleapis.com *.nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com *.googleapis.com *.cdn77.org *.pingdom.net *.exoclick.com *.exosrv.com *.realsrv.com *.orbsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net *.adtng.com *.adglare.net adinvent.engine.adglare.net *.bngpt.com bngpt.com *.trafficjunky.net *.ohmybutt.com *.flirt4free.com *.xlovecam.com *.wlresources.com *.medleyads.com *.cams.com *.acdn5165543.com *.protoawe.com *.google-analytics.com livejasmin.com *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com *.promo-bc.com *.bongacams.com *.bongacash.com *.gammae.com *.servingmillions.com *.super-route.com cdn01.flashmediaportal.com engine.asf4f.us *.htdvt.com *.jerkmate.com *.vfgtb.com *.hytxg2.com *.awemdia.com *.cfgr3.com *.ajxx98.online *.sf4f.us *.adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com *.smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com *.bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com *.xxxjmp.com *.feelpornx.com *.crjugate.com *.hqscene.com *.xlviirdr.com adulttime.xxx *.adulttime.xxx *.javhd.com *.doppiocdn.com *.videosworks.com xlivrdr.com *.xlivrdr.com *.servetraff.com *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.hwcdn.net *.trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com *.vscdns.com *.doubleclick.net *.google.fr *.google.com *.exoclick.com *.exosrv.com *.realsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net bmedia.justservingfiles.net;
Referrer-Policy: no-referrer-when-downgrade
Set-Cookie: session_token=822850ecff27e178hBiCN8P6RDWRmpsoTLG7WiQtYB9Qm2Xqsa1DaOXU52Z_OmLNi4YMvNjnn0WoVIu3KEsGomv95ovPKDy9GS_FCu97jm8IkTiF8PmQdDLM1kSmYSYRoHz9KR2F8H_30Vism2dP3ALjdhxcNkMtbffTlTbY7ZD6ZaPcKLF0kk0loE0dq6xd2FKjg1ObRVOjC_jx; expires=Sun, 25-Dec-2022 10:04:45 GMT; Max-Age=2592000; path=/; domain=.xvideos.com
_ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: nginx

her-cupid.com/stats

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 319
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_CGSlP2OAkzs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJDR1NsUDJPQWt6cyIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwic2VhcmNoIjoiP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9LCJsdWlkIjo5NTA5NDYyMTM4NjZ9; userid=8fe99180fe23eb2502414137960d0e500003f452b4afe47e142473ed10a3f7e7a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A950946213866%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 10:04:45 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

her-cupid.com/stats

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 318
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_CGSlP2OAkzs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJDR1NsUDJPQWt6cyIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwic2VhcmNoIjoiP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaCI6ImZhbHNlIn0sImx1aWQiOjk1MDk0NjIxMzg2Nn0=; userid=8fe99180fe23eb2502414137960d0e500003f452b4afe47e142473ed10a3f7e7a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A950946213866%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 10:04:45 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

www2.dateexotic.com/agEA?usid=l22h85135nfj&email=jerome.derramond%40slurpmail.net&sub1=clear_main&prid=l22h85135nfj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9

172.67.159.164

302 Found

0 B

URL HTTP/2
www2.dateexotic.com/agEA?usid=l22h85135nfj&email=jerome.derramond%40slurpmail.net&sub1=clear_main&prid=l22h85135nfj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9
IP
172.67.159.164:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /agEA?usid=l22h85135nfj&email=jerome.derramond%40slurpmail.net&sub1=clear_main&prid=l22h85135nfj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1
Host: www2.dateexotic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dateexotic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 25 Nov 2022 10:04:42 GMT
content-type: text/html; charset=UTF-8
location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1sMjJoODUxMzVuZmomZW1haWw9amVyb21lLmRlcnJhbW9uZCU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9bDIyaDg1MTM1bmZqJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=649fcfb5884f797fb0d1d94f793f190f
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDmT8v%2FLfZklr7J9omuzAqRX9UmlXGyOvuo%2BYdfNCUQJrEzOkpTohtNZFs05UO1UOsZ6gXKYBLJIYwhgiujFrSbACKXjmhKLCDKIyDVbVa9hhROyW9T6rkeaI0brfgiM8ELR5x%2Fe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f98fcc2dd2b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

302 Found

0 B

URL HTTP/2
www.pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Fri, 25 Nov 2022 10:04:44 GMT
content-type: text/html; charset=UTF-8
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Sat, 26-Nov-2022 10:04:44 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure
platform=pc; expires=Fri, 02-Dec-2022 10:04:44 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
bs=mem0b62nwl30ogx2jzdn4hwk62pcw3ms; expires=Mon, 22-Nov-2032 10:04:44 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None
ss=829612725487813566; expires=Sat, 25-Nov-2023 10:04:44 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=39806.100000; expires=Sun, 25-Dec-2022 10:04:44 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=6380933C-42FE722901BBE04D-2BE76E9; Secure; Samesite=None
__l=6380933C-42FE722901BBE04D-2BE76E9; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1041
location: /login
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6380933C-42FE722901BBE04D-2BE76E9
X-Firefox-Spdy: h2

her-cupid.com/stats

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 365
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_CGSlP2OAkzs=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJDR1NsUDJPQWt6cyIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwic2VhcmNoIjoiP2k9Q0dTbFAyT0FrenMmdT01MjU4NzE1NzA5Mjk4NDc5OTMwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoibG9hZCIsImRhdGEiOnsicmVzcG9uc2VTdGFydCI6MTc2NiwiZG9tSW50ZXJhY3RpdmUiOjE5NzAsImRvbUNvbXBsZXRlIjoyNjE0fX0=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 10:04:44 GMT
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdnjam.com/cdn/push.min.js

172.67.166.71

200 OK

0 B

URL HTTP/2
cdnjam.com/cdn/push.min.js
IP
172.67.166.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn/push.min.js HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 10:04:43 GMT
content-type: application/x-javascript
content-security-policy: block-all-mixed-content
etag: W/"44c9e373bc246e347c8420a2eb8f54d4"
last-modified: Mon, 06 Jun 2022 20:30:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F62D8C82243EE0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 615
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVcMJzfxWAmVCpsSXcS4p1I0lyojgqC9p%2BpoYG7Xf8bIQRvw3u9Oxi0l%2FQPuLLbPVo82dZLZQvDjD8%2FItPLmOAnfVRbbMoKHRX9Em2O09iIFs2H8%2BhG52ObA4hzU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f98fd6ac8ffac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations