Report - funkydaters.com/-QIA

Report Overview

Submitted URL
funkydaters.com/-QIA
IP
172.67.218.62
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-05 19:31:32
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
js.sentry-cdn.com	5259	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	1.7 kB	151.101.130.217
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	728 B	2.5 kB	142.250.74.106
cdnjam.com	204001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	326 B	19 kB	188.114.96.1
www.xvideos.com	11464	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	33 kB	185.88.181.2
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	9.8 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.77.32
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	11 kB	142.250.74.131
pornhub.com	4903	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	335 B	827 B	66.254.114.41
www.pornhub.com	10781	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	353 B	75 kB	66.254.114.41
www2.funkydaters.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	845 B	1.2 kB	104.21.83.86
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
alexatracker.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.1 kB	172.67.204.112
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
her-cupid.com	698724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	718 kB	54.39.22.228
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	41 kB	34.120.237.76
funkydaters.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	951 B	6.3 kB	172.67.218.62
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.155.171.116
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	982 B	43 kB	142.250.74.35
o65532.ingest.sentry.io	747982	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	577 B	469 B	34.120.195.249
www.pornhubpremium.com	142013	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	796 B	10 kB	66.254.114.33
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	32 kB	142.250.74.106
browser.sentry-cdn.com	4393	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	21 kB	151.101.130.217
app.api-push.com	307671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	859 B	2.7 kB	172.64.162.28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-05	medium	her-cupid.com/stats	Phishing
2023-01-05	medium	her-cupid.com/stats	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	her-cupid.com/DgAA/10064/oth?i=DRSl0WO3JYo&u=5260383032786232713	94 B	2023-03-08	2023-03-13
Pretty URL her-cupid.com/DgAA/10064/oth?i=DRSl0WO3JYo&u=5260383032786232713 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-03-13 06:54:02 Times Seen1 Hash abd83097ff968509c2d13a68695d83d2 46bf322c6a7a8b3f2310176d14d94e76c97c366c 954970561be7c748848a5268a58ea2d6a2a3f319a1ebd3b3f1df6f4d640e4af6 Loading...

	browser.sentry-cdn.com/7.29.0/bundle.es5.min.js	63 kB	2023-03-12	2023-03-12
Pretty URL browser.sentry-cdn.com/7.29.0/bundle.es5.min.js IP 151.101.130.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:34:16 Last Seen2023-03-12 20:14:55 Times Seen1 Hash 260e8214d92f6f2c32b516c95570e61b 5b838f01e5b4d9cbc0319a624fa7d71386e74617 84dda33e07c51112b712b6a262aa7544c943998bc2b346cab9854fd91c356d88 Loading...

	www.pornhubpremium.com/user/security/1111	25 kB	2023-03-12	2023-03-12
Pretty URL www.pornhubpremium.com/user/security/1111 IP 66.254.114.33 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:29:40 Last Seen2023-03-12 15:29:40 Times Seen1 Hash 554c4bdb3353fd1773553eec830b9471 5591d0f36f1499c1ef9a959a5579308b94bb610c 1e300828e7d9adee55bb37d5e163d0ef62fbc3eff3f4893d3b91c40f2030fa62 Loading...

	funkydaters.com/static/js/build/bd.js	9.6 kB	2023-03-08	2024-02-28
Pretty URL funkydaters.com/static/js/build/bd.js IP 172.67.218.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2024-02-28 12:28:08 Times Seen126 Hash f6069a3618aaf83f49bc275cefdabc62 941b46212809c234480798ed57cef569ab4316f3 56f971147c45eee57e6c99f09f4cd65f7a1a47a87b9be4814708de41decb0cd5 Loading...

	js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js	1.9 kB	2023-03-12	2023-03-12
Pretty URL js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js IP 151.101.130.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:34:16 Last Seen2023-03-12 20:14:55 Times Seen1 Hash 498323780eede96f60c8cbb7c41bc075 ad92d16d943f1598c2542a12d5c14be46bceffaa d97e5261bbff5bf31cfffda461fa55974cd2b0854bb9e8dd8ebcf0f188d80eea Loading...

	cdnjam.com/cdn/push.min.js	36 kB	2023-03-07	2024-05-10
Pretty URL cdnjam.com/cdn/push.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:20 Last Seen2024-05-10 23:59:05 Times Seen179 Hash 44c9e373bc246e347c8420a2eb8f54d4 5eb6010833c0c873766407c7a51ea5eafe69dbdf 2dac93602a4e47e156b8b54455dfdcd7a7a4901ab33f2a0c2c416a395e1ebda5 Loading...

	her-cupid.com/DgAA/10064/oth?i=DRSl0WO3JYo&u=5260383032786232713	541 B	2023-03-08	2023-05-21
Pretty URL her-cupid.com/DgAA/10064/oth?i=DRSl0WO3JYo&u=5260383032786232713 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-05-21 20:14:57 Times Seen64 Hash 7fbdaafa595648042e44880998db47d6 c0908c1f668700c134efbef4e5b80cbd84d08d55 cd69bfc221f9a450b2e461c17360c700c0a8efa0235a6cef616ce0c200a3b546 Loading...

	her-cupid.com/DgAA/10064/oth?i=DRSl0WO3JYo&u=5260383032786232713	18 kB	2023-03-08	2023-03-13
Pretty URL her-cupid.com/DgAA/10064/oth?i=DRSl0WO3JYo&u=5260383032786232713 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:57:17 Last Seen2023-03-13 02:04:53 Times Seen1 Hash 2bef23b94106494fbf38217c9e12d2f0 7c5cebbc6cdb4f1f0f5fa815b86133ba34350e28 42b05d374af6df5be5307d5e362cf51751ee9b7f92bd45031939944f07cf9d92 Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 04:40:30 Times Seen37534816 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	funkydaters.com/-QIA	522 B	2023-03-08	2023-03-13
Pretty URL funkydaters.com/-QIA IP 172.67.218.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-03-13 02:11:38 Times Seen1 Hash fb67996fc9e5dfeb461edb47f6c08026 5a1d96bbf8a04ff725cfdc3dce298183a4736684 29838d2d65b29af9d0645f1913b789e92fecf1dcc260094bbcf2469aa6171e9b Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-11 02:14:27 Times Seen143279 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

HTTP Transactions (82)

URL IP Response Size

funkydaters.com/-QIA

172.67.218.62

200 OK

907 B

URL HTTP/1.1
funkydaters.com/-QIA
IP
172.67.218.62:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
907 B (907 bytes)
Hash
f644572248ce42c31779d65845c95277
6963b52cff901ae5ce3eb250820dcaef46cc9388
0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0

HTTP Headers

GET /-QIA HTTP/1.1
Host: funkydaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 19:31:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IB%2FPYbP0iyx8udGuHEL281XxtqKWyWhKz6A0OGxv%2FZqxDP4VYxlzf3GLFd8zwP0IQN%2F3dexQZ8qoSFEXVRxJyCTQVfNwQPdV5Zbg7EbCA4uRSot2edDQ5vLk824bdWKdw6Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784ea236798a1bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12174
Expires: Thu, 05 Jan 2023 22:54:14 GMT
Date: Thu, 05 Jan 2023 19:31:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b5997a492d3d161c9009d95add566733
9db765ae549ebe4aa859ca27abe365cf7f62dc4d
1ec0de25b0afd3b402c728b9c6b47c4fcf25fb989052427886841a3f52510a0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EC0DE25B0AFD3B402C728B9C6B47C4FCF25FB989052427886841A3F52510A0E"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5734
Expires: Thu, 05 Jan 2023 21:06:54 GMT
Date: Thu, 05 Jan 2023 19:31:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 05 Jan 2023 18:47:55 GMT
content-type: application/json
age: 2606
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
600f7ba6e1a6fbbd176cd2df19b1e4d9
cdd72b25fd91ee980aba193b12e890096e4fe852
860214860947dfbe26099f018747154823b175fceb2821a390cc655da191a6d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "860214860947DFBE26099F018747154823B175FCEB2821A390CC655DA191A6D0"
Last-Modified: Thu, 05 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8448
Expires: Thu, 05 Jan 2023 21:52:09 GMT
Date: Thu, 05 Jan 2023 19:31:21 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: WbGQ5kYxR8bxb+aE6e/anlN6/LpslpERDQD8rit+goAsGuGWXDwQif9orRdnJye6TuF4KJyFNGoe5XbWbChzGw==
x-amz-request-id: 5JTH1K9607FBN670
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 05 Jan 2023 18:59:39 GMT
age: 1902
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

funkydaters.com/static/js/build/bd.js

172.67.218.62

200 OK

3.6 kB

URL HTTP/1.1
funkydaters.com/static/js/build/bd.js
IP
172.67.218.62:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (8033)
Size
3.6 kB (3571 bytes)
Hash
896fa747a8832e6a6ac72bbbcfc917f6
67dc40632c900a9f84280f0898b308b8a6b3e3a5
6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b

HTTP Headers

GET /static/js/build/bd.js HTTP/1.1
Host: funkydaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://funkydaters.com/-QIA

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 19:31:21 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 784ea238abfa1bfe-OSL
Age: 74991
ETag: W/"static/js/build/bd.3ad9d77bdd.js"
Vary: Accept-Encoding
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HHjhqmzRrgH8xpPRqJfZjjtpS78h91Axy6xvk1eVIzfGUHCZSFWya3VLY3WFw3g%2BByN5Flfw8CjMDR3E0IXI0ltWA1mfrAyTlg%2BGXiLH4Hi7FjOIWOBtJgEWTqDRZvKhNU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 19:31:21 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
7797ea50f31234d43c145f5377b3f69e
9b1232db01d119c355b5185186005359f9def7d8
7f93e3a2fa94109708cb1a564daad23efc87552e723544457f7058bd35467146

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7F93E3A2FA94109708CB1A564DAAD23EFC87552E723544457F7058BD35467146"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6667
Expires: Thu, 05 Jan 2023 21:22:28 GMT
Date: Thu, 05 Jan 2023 19:31:21 GMT
Connection: keep-alive

funkydaters.com/favicon.ico

172.67.218.62

200 OK

47 B

URL HTTP/1.1
funkydaters.com/favicon.ico
IP
172.67.218.62:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
47 B (47 bytes)
Hash
2f3ca1d38e8b18ef00c4a0eff0889cfc
2f28ed1ccf7c08cf22491757fe20385249db162e
af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: funkydaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://funkydaters.com/-QIA

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 19:31:21 GMT
Content-Type: image/gif
Content-Length: 47
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smoIKsrBmu2BfMEmeCySfNFFdVI9ljyf1uSBitlawZ7skJTuc%2Fns%2F8PLWS0jYavCqo4Szcc85xMFeh4FUlfgqcWR6C7swibMwW8W5G4gAqQ5gEQ42LzROP%2BaUG2AOERzJZo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784ea23a2d311bfe-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 05 Jan 2023 19:08:11 GMT
age: 1390
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
7797ea50f31234d43c145f5377b3f69e
9b1232db01d119c355b5185186005359f9def7d8
7f93e3a2fa94109708cb1a564daad23efc87552e723544457f7058bd35467146

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7F93E3A2FA94109708CB1A564DAAD23EFC87552E723544457F7058BD35467146"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6667
Expires: Thu, 05 Jan 2023 21:22:28 GMT
Date: Thu, 05 Jan 2023 19:31:21 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dac207c9434700dc14e016f239e36591
1db04fd8d22078955e1e21535f0531a70ceb0dda
c193e12d29ad1cd2556601fe39f2ce273a2cbb7b4fa446363a36228d08cd7c7a

HTTP Headers

POST /s/gts1p5/Ixty6-fFKeo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alexatracker.com/?r=aHR0cHM6Ly93d3cyLmZ1bmt5ZGF0ZXJzLmNvbS8tUUlBP2JkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=d5222b60b6a1665da3c96958b0239d66

172.67.204.112

301 Moved Permanently

0 B

URL HTTP/2
alexatracker.com/?r=aHR0cHM6Ly93d3cyLmZ1bmt5ZGF0ZXJzLmNvbS8tUUlBP2JkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=d5222b60b6a1665da3c96958b0239d66
IP
172.67.204.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?r=aHR0cHM6Ly93d3cyLmZ1bmt5ZGF0ZXJzLmNvbS8tUUlBP2JkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=d5222b60b6a1665da3c96958b0239d66 HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://funkydaters.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Thu, 05 Jan 2023 19:31:21 GMT
content-length: 0
location: https://www2.funkydaters.com/-QIA?bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=5260383032786232713&c=56577017
set-cookie: trbarid=5260383032786232713;expires=Sat, 04 Jan 2025 19:31:21 GMT;secure;HttpOnly;SameSite=None;path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjyK6azgoUgJe03qo2X%2FG2R5sGhW%2F24phOKcac9TAZzyjpXph0JFaOE6s108l1PJs2ZePZqazez5Wng15sjiSrDwTh1HpY3ObGhCNns7MUh%2FY4y%2FN0yjyZ5QehyCccKEYOPs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784ea23d0f2bb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dac207c9434700dc14e016f239e36591
1db04fd8d22078955e1e21535f0531a70ceb0dda
c193e12d29ad1cd2556601fe39f2ce273a2cbb7b4fa446363a36228d08cd7c7a

HTTP Headers

POST /s/gts1p5/Ixty6-fFKeo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
73a99621729e1bc9e236a1085b98a0cf
5e1f71493085f6be7788f59987c1f0850b77d4d7
219d1a8d7d1a027553f72c8c024488863d8996457b31c78014002f81174f3ad1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3435
Cache-Control: max-age=138763
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:21 GMT
Etag: "63b69329-1d7"
Expires: Sat, 07 Jan 2023 10:04:04 GMT
Last-Modified: Thu, 05 Jan 2023 09:06:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.155.171.116

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.155.171.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EcK1wJ4NDpzN2i6O6wSoQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5BFNMYOfTHqx6J/qR+HDxLOyWIg=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
20398fed24635ddd227e936bb73d72a1
4cdb38348df123e9e9af8f0abc19140a421aaa3e
c0ffd32540dedd3b17b92ae8fbfdcf4b533510836f94a884877d38f8ea5d06ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0FFD32540DEDD3B17B92AE8FBFDCF4B533510836F94A884877D38F8EA5D06AD"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6275
Expires: Thu, 05 Jan 2023 21:15:57 GMT
Date: Thu, 05 Jan 2023 19:31:22 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/EmMTM2F0_rU

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/EmMTM2F0_rU
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1a47a34454c6d0c3abd80740d5fab14a
5db9011895faf9b07b4a74d16d24a9ed5098744b
5a2aa7cff60b528bca3e98d2ae7bc8ea7df97f142fefecbcf00f06f8728db2da

HTTP Headers

POST /s/gts1p5/EmMTM2F0_rU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js

151.101.130.217

200 OK

1.0 kB

URL HTTP/2
js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js
IP
151.101.130.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (512)
Size
1.0 kB (1021 bytes)
Hash
f7d0239ebd36ee5d6ab0a9609b0f96e4
4144af9a2224a6ee2cdbf3ec333ea9f11e6e8825
68c3f2439ad605d9bfaec914e57aa0a19c6c6466b9c73e52bd4db3aba87ca423

HTTP Headers

GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1
Host: js.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 14
content-encoding: gzip
accept-ranges: bytes
date: Thu, 05 Jan 2023 19:31:22 GMT
age: 5
x-served-by: getsentry-web-default-common-production-f55f46c77-gss6g, cache-bma1666-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1021
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 31 Dec 2022 08:20:28 GMT
expires: Sun, 31 Dec 2023 08:20:28 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 472254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/style.css

54.39.22.228

200 OK

9.9 kB

URL HTTP/2
her-cupid.com/static/CwAA/style.css
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (325), with CRLF line terminators
Size
9.9 kB (9875 bytes)
Hash
1d2c185bd5d17acd4a3df39e9d7cb412
6e71b3678c2b6c28f970fd7927329d84462435ab
c02bad3cad8d508c6bc1820640f26a54a5a29ec7b4ebbbec97dec1b25bd697fc

HTTP Headers

GET /static/CwAA/style.css HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: text/css
content-length: 9875
last-modified: Tue, 08 Sep 2020 06:39:23 GMT
etag: "5f57271b-2693"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Oswald:700

142.250.74.106

200 OK

968 B

URL HTTP/2
fonts.googleapis.com/css?family=Oswald:700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
968 B (968 bytes)
Hash
77caac88414e2cbf58c7ba09df104093
405cf7f1e6e9dcd0dc238f266753f098986e0f43
9fbae0f4ab1aea81d80c52aeec9bbac620ed89a1b136676246bf3762e5dde5f9

HTTP Headers

GET /css?family=Oswald:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 05 Jan 2023 19:31:22 GMT
date: Thu, 05 Jan 2023 19:31:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.29.0/bundle.es5.min.js

151.101.130.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.29.0/bundle.es5.min.js
IP
151.101.130.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (63107)
Size
20 kB (20527 bytes)
Hash
8056fe2ab14b0a7b912ff31d129b2596
72caba03cd64c28fd759cc159db1d7832e5a7cbd
3ca0fd4d7bc30077e8fbc590663feae33e419837daf3f8646b6060ba55dfe9ed

HTTP Headers

GET /7.29.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 04 Jan 2024 16:06:50 GMT
last-modified: Wed, 04 Jan 2023 13:59:28 GMT
etag: "8056fe2ab14b0a7b912ff31d129b2596"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Thu, 05 Jan 2023 19:31:22 GMT
age: 98672
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20527
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-4.jpg

54.39.22.228

200 OK

55 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-4.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
55 kB (55031 bytes)
Hash
fa01fa59dbac8ca19bec2ea30b450486
c1d9b772a96e40adf02900f244f11cec1e48a473
ae1520feca162e3c50842ca5d42a91e94b79d77932a127241da21f789542b765

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-4.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 55031
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d6f7"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

142.250.74.35

200 OK

10 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data
Size
10 kB (10172 bytes)
Hash
58e5c92fd1a1fc89b8ca6d74ce4793b8
337771c465778aeed6de18195e0cbe9d9098d299
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

HTTP Headers

GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 13:33:32 GMT
expires: Sat, 30 Dec 2023 13:33:32 GMT
cache-control: public, max-age=31536000
age: 539870
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 07:08:09 GMT
expires: Sat, 30 Dec 2023 07:08:09 GMT
cache-control: public, max-age=31536000
age: 562993
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac952a23a955cca4b6feddd6459de86f
0a20125cf6413cfa2bc989389e7e3a261b10007a
229811ad51e2204f1b3542cc1776c85a2978d2a7a2b7244efb2c0181eb80c3cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "229811AD51E2204F1B3542CC1776C85A2978D2A7A2B7244EFB2C0181EB80C3CF"
Last-Modified: Wed, 04 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7835
Expires: Thu, 05 Jan 2023 21:41:58 GMT
Date: Thu, 05 Jan 2023 19:31:23 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.29.0

34.120.195.249

200 OK

2 B

URL HTTP/2
o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.29.0
IP
34.120.195.249:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.29.0 HTTP/1.1
Host: o65532.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://her-cupid.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://her-cupid.com
Content-Length: 426
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 19:31:23 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://her-cupid.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-6.jpg

54.39.22.228

200 OK

50 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-6.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
50 kB (49563 bytes)
Hash
00fc610b7933ded2593af9378c4c8379
a3a920071f0f794f6967b738758918b889fdfd6e
605996ed01380c0d76d395e65e901b14414eac8936e83dbe373cf57dd9463613

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-6.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 49563
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-c19b"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-8.jpg

54.39.22.228

200 OK

39 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-8.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
39 kB (39107 bytes)
Hash
d826b4f3a7fa924e8c571d046d1fc762
ac4c5a58d67d9a412541517c23dfca55a2f565c2
d934f9611bf8239c4ca30c4fd5401071db4843b09d658d8cb39fd5445739d879

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-8.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 39107
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-98c3"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac952a23a955cca4b6feddd6459de86f
0a20125cf6413cfa2bc989389e7e3a261b10007a
229811ad51e2204f1b3542cc1776c85a2978d2a7a2b7244efb2c0181eb80c3cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "229811AD51E2204F1B3542CC1776C85A2978D2A7A2B7244EFB2C0181EB80C3CF"
Last-Modified: Wed, 04 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7835
Expires: Thu, 05 Jan 2023 21:41:58 GMT
Date: Thu, 05 Jan 2023 19:31:23 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/K0TBC4DjskA

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2f034a42e07d776ec9a519872bf33bc6
97942f0fdb019475278aab85073261a7801de0b6
09c01737b393cb3f473f664cea923c9239a3b53e58a90e3518eb885e02b9b3a0

HTTP Headers

POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/K0TBC4DjskA

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2f034a42e07d776ec9a519872bf33bc6
97942f0fdb019475278aab85073261a7801de0b6
09c01737b393cb3f473f664cea923c9239a3b53e58a90e3518eb885e02b9b3a0

HTTP Headers

POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

her-cupid.com/static/CwAA/pics-for-bg/pic-10.jpg

54.39.22.228

200 OK

51 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-10.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
51 kB (50780 bytes)
Hash
e56961a7f01f44e3bbc9fc03dbcf2ac0
f935d9fc22696e47d78ca9d6f015969633591489
35739ae651a2091be2c373a2e3d2c86bd4583f5fd3ad96067fb1f8002ab9850d

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-10.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 50780
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-c65c"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/3-1.png

54.39.22.228

200 OK

480 B

URL HTTP/2
her-cupid.com/static/CwAA/3-1.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
480 B (480 bytes)
Hash
37ad09484eb1a7e103c1bba69ec3408d
950c14767d959c154d2ba2ceaa7867b8809731e5
1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2

HTTP Headers

GET /static/CwAA/3-1.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://her-cupid.com/static/CwAA/style.css
Cookie: slappInfo64_DRSl0WO3JYo=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJEUlNsMFdPM0pZbyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9RFJTbDBXTzNKWW8mdT01MjYwMzgzMDMyNzg2MjMyNzEzIiwic2VhcmNoIjoiP2k9RFJTbDBXTzNKWW8mdT01MjYwMzgzMDMyNzg2MjMyNzEzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/png
content-length: 480
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-1e0"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/3-2.png

54.39.22.228

200 OK

535 B

URL HTTP/2
her-cupid.com/static/CwAA/3-2.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
535 B (535 bytes)
Hash
7621845db78d7540608060c63a721252
b24bca5f9e3ca0daf6f0f4822d66febc5c65d169
5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1

HTTP Headers

GET /static/CwAA/3-2.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://her-cupid.com/static/CwAA/style.css
Cookie: slappInfo64_DRSl0WO3JYo=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJEUlNsMFdPM0pZbyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9RFJTbDBXTzNKWW8mdT01MjYwMzgzMDMyNzg2MjMyNzEzIiwic2VhcmNoIjoiP2k9RFJTbDBXTzNKWW8mdT01MjYwMzgzMDMyNzg2MjMyNzEzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/png
content-length: 535
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-217"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-15.jpg

54.39.22.228

200 OK

48 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-15.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
48 kB (47718 bytes)
Hash
140c85c3b374c0ff0f50f83bdd87c5be
126970cdb5429e49840044bf30a6caa0cbb7b2f8
ca3c90d63dd1d7e265de801f3f51ae965530df2d699c030db3e0703ced1ba185

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-15.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 47718
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-ba66"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

app.api-push.com/get-keys

172.64.162.28

204 No Content

0 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 05 Jan 2023 19:31:23 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJ479FVaeDOeElJxRImG3U2aTJbP7s0JXTrgxRRvSa5r82VRFOaRToTUoI5SOxUw6jmROF7oB%2FesjMlVDFKLxFY9FR1iRlCjcjimpVyUzigohTpaT8JsugbCddnRPrpeQuEZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 784ea2459a6d719f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-16.jpg

54.39.22.228

200 OK

45 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-16.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
45 kB (44875 bytes)
Hash
24ac863c446ae055175737a63f304206
6dad9e555a4750b540f9757804e1be210362d08b
07add9a7a985365f8831e5f04501bdef8cea86227ebaa46149474969948ceb40

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-16.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 44875
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-af4b"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-19.jpg

54.39.22.228

200 OK

42 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-19.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
42 kB (41660 bytes)
Hash
60301767b2e95fe25371e6cd1a3eec71
88b805c652bcb60e452372cae923b27ddd2f345a
66db06fcfa31eb06172db01df625bf87d5edc4df96c69eead4fae277d61194c5

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-19.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 41660
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-a2bc"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-21.jpg

54.39.22.228

200 OK

42 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-21.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
42 kB (42527 bytes)
Hash
e6a3be4dec34551954b50f114077dd0d
8f36c2e887e8a4170528ec359b51715836e71353
603d038db14b1e0bb35ebc48e8144d17c1d9a5d261bf5414cd2cf7ea77337c57

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-21.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 42527
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-a61f"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-22.jpg

54.39.22.228

200 OK

54 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-22.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
54 kB (53879 bytes)
Hash
62a2ff40f30e4fe6a689298d987549e1
14e60f6736e93549c767bdc27aeeae7061dc3991
7067e6c93aab43f6d10f69f4be841036419ed65fa025d2cbf62abe45b783b0b1

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-22.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 53879
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d277"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-23.jpg

54.39.22.228

200 OK

54 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-23.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
54 kB (54527 bytes)
Hash
305c9be3df92bc9ee5d4115629c5ad8c
5cec66d98bcbca3dcf5a4c0227ec795d631d04da
65cb2c84af57882a7394295d8bfef3149dec2aadf873be01cc5db6a415ec9aab

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-23.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 54527
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d4ff"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-25.jpg

54.39.22.228

200 OK

44 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-25.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
44 kB (43558 bytes)
Hash
0c8398d5d3a2293bec58febb89ee6477
0323bbe1f567b309c329190eab457692485e44f5
8e5492174e33b6be299176a4329971092886392c66736ee656d8b0aba57dc544

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-25.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 43558
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-aa26"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-28.jpg

54.39.22.228

200 OK

44 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-28.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
44 kB (43858 bytes)
Hash
b7a5bec57ebcd2b40491c5cc6ddd6609
2efc068fe606ed088deac615c13500790e1e341b
4c8da6f18010f5fa87e2342bc7d0f0caef4d10dc516a4af19002d1847630957c

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-28.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 43858
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-ab52"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-11.jpg

54.39.22.228

200 OK

67 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-11.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
67 kB (67396 bytes)
Hash
d58b0f92664a000a7b26f867e37827fb
9f3e1d61b9a6493aa6d35f8c2616a42a477e27ee
ca19a82e654964824c109d8081b5defe1be25eda46c9ae828d97474b905d7f6c

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-11.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 67396
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-10744"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-13.jpg

54.39.22.228

200 OK

66 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-13.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
66 kB (66094 bytes)
Hash
9d40cd92f7f69377cded2d10580ab94b
c77534ebc40019f634249ebef2cc82137d90ffc0
0d142bdaa805393d725be9f207a25d2e40570aa808240728f5d863a12f47e8ef

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-13.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: image/jpeg
content-length: 66094
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-1022e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11882
Expires: Thu, 05 Jan 2023 22:49:25 GMT
Date: Thu, 05 Jan 2023 19:31:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11882
Expires: Thu, 05 Jan 2023 22:49:25 GMT
Date: Thu, 05 Jan 2023 19:31:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11882
Expires: Thu, 05 Jan 2023 22:49:25 GMT
Date: Thu, 05 Jan 2023 19:31:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11882
Expires: Thu, 05 Jan 2023 22:49:25 GMT
Date: Thu, 05 Jan 2023 19:31:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5578 bytes)
Hash
e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DqWBkBqUffF-tNXmSr2AzrL7hMr0RufOsND4zDF26f8A4c1tetxnWg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 03:41:11 GMT
age: 57012
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4248 bytes)
Hash
008614d302ad57bc6502ad5e07652378
968bc262d2939ec6f0dce9d852682c0aaf86d3d7
5eab9a2591f0f9761ba3b90a5a191b79b6326cccb1ee6b586b00dfc1517c8db6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4248
x-amzn-requestid: 17ccfd69-0d12-42ac-b111-059a68735e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eCutmF7mIAMFW2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0f7f0-5e1653641a0303815656a578;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 03:03:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zxPQmFj8Y1QxN5CKzoPL9l_tBPeokp60xLh7nhRHTWjcdKreTPy01A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 07:08:59 GMT
age: 44544
etag: "968bc262d2939ec6f0dce9d852682c0aaf86d3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8721 bytes)
Hash
4cecd6a1a228ac55f193a180229d3a33
9e5fd5a101828d5491305deb539dc5836c5b3065
7bbd9e261625c2d2a700a817c2f10b779c8463baacda02f9f34161c08487ca31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8721
x-amzn-requestid: 1c24289e-6169-4088-a2b8-311e3640e4bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eAA7IGTdIAMFzCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afe1e0-561d5981260c41511219c673;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 07:16:48 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: qoxCvnR2nVjlCdQJ6Wyq_Ot0p1SVdhl71LEKAm0-tkPMxWHGdIl42w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 07:08:44 GMT
age: 44559
etag: "9e5fd5a101828d5491305deb539dc5836c5b3065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5601 bytes)
Hash
5ce88a04d7f32ce0497bd84db44da8d4
761049019c342553004815ea394dcf282f2cc613
038aa4e5da1428524de833071814998d6c1d8b8b60d4e9c10e60d8a75f7b88fb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5601
x-amzn-requestid: 54813ea9-9435-4355-910b-5b4d1eadf2ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGlhgHU1oAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b282d6-17e772ae5b70371367792063;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 07:08:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hB4FJa_z49ZYA_EY_5CH9CVlU2tYkrhayxyWMmR8lNxR10rjfff-MQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 06:33:38 GMT
age: 46665
etag: "761049019c342553004815ea394dcf282f2cc613"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdnjam.com/cdn/push.min.js

188.114.96.1

200 OK

18 kB

URL HTTP/2
cdnjam.com/cdn/push.min.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (36273)
Size
18 kB (18391 bytes)
Hash
9cc5b6380d255d2fd9cd8681c57f513c
f4d84352a161b54d219f8b743f94cb0a600dcd13
ebb6ee8d500e05152b52eb137a49f7e01511a67ac95e5138a98d51c409090c8f

HTTP Headers

GET /cdn/push.min.js HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: application/x-javascript
content-security-policy: block-all-mixed-content
etag: W/"44c9e373bc246e347c8420a2eb8f54d4"
last-modified: Mon, 06 Jun 2022 20:30:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F62D8C82243EE0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 1869
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU7MV2AeNVV5W5pq7bkjEm7Q9HeQJw3b2oOPbTihbIIJsYilgdGaMlXRkgxIT2LJOOrtCgu6ZuOsC%2BageseuiDRfWhG2TbAkrFnqN4nmxoMiXj3THhmHrCXOLrmn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 784ea243b8e10b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb16f641-0924-4c5c-9f83-6779c59c746a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11381 bytes)
Hash
7711a1490729319952a150b84e91a5d6
11fda31d48a4df3fd6346d92f45a680f500bff64
e9663e981c6716c243b58ac99549dfbe6dd8371c42d50add46457b5911f63529

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb16f641-0924-4c5c-9f83-6779c59c746a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11381
x-amzn-requestid: 6964d7af-01cd-425b-aeb9-89a336f83a25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePKyuGyJoAMF91Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f1aa-62558f6852d5861033eecdef;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:37:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BQpaWc_3xnsf6SPx3UvVIfgBRURZkVYrXyKQi6Khv6_90Ao78BZDeg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:55:08 GMT
age: 77775
etag: "11fda31d48a4df3fd6346d92f45a680f500bff64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/K0TBC4DjskA

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2f034a42e07d776ec9a519872bf33bc6
97942f0fdb019475278aab85073261a7801de0b6
09c01737b393cb3f473f664cea923c9239a3b53e58a90e3518eb885e02b9b3a0

HTTP Headers

POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 19:31:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.api-push.com/get-keys

172.64.162.28

200 OK

1.1 kB

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (1940), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
c659be3061d59139cba5c5d38cc77ed8
89e0fb757c3b73d919b17fe862f615eb41783650
0f1c692a1f68ee1ecb8157fe664322856a8a7cc90b2714b57dc48dbf32b2d88f

HTTP Headers

POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 174
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 19:31:23 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFfTgUsx%2FtudtVAD0g%2FjmIw8OR%2BNBTdT%2Fb0AWkrAtBuTgvKFmyIr%2BCtS7ViIAFJIyV%2FltzTUitYok6rOfBsQ8OpPD6pu07A6u6xq2lLRsp1yn%2FFLKEVMzTCMKPDFnOXcGmRv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 784ea2462b5e719f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
41be192be8489267ab9289f4e328dc17
03217a734285a7bda762ce17873d41796927d035
aa1046fc37b9e69ca117bf0dc3942f40cd32bfb8d3da97ba1ec7f14b2560fcfa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA1046FC37B9E69CA117BF0DC3942F40CD32BFB8D3DA97BA1EC7F14B2560FCFA"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12872
Expires: Thu, 05 Jan 2023 23:05:55 GMT
Date: Thu, 05 Jan 2023 19:31:23 GMT
Connection: keep-alive

pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

301 Moved Permanently

166 B

URL HTTP/2
pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: openresty
date: Thu, 05 Jan 2023 19:31:23 GMT
content-type: text/html
content-length: 166
location: https://www.pornhub.com/video/manage?o=mr&t=pr2
x-frame-options: SAMEORIGIN
rating: RTA-5042-1996-1400-1577-RTA
set-cookie: __s=63B7258B-42FE722901BB69F7-2EC6DEA9; Secure; Samesite=None
__l=63B7258B-42FE722901BB69F7-2EC6DEA9; Secure; Samesite=None; Max-Age=31556926
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63B7258B-42FE722901BB69F7-2EC6DEA9
X-Firefox-Spdy: h2

www.pornhubpremium.com/user/security/1111

66.254.114.33

302 Found

0 B

URL HTTP/1.1
www.pornhubpremium.com/user/security/1111
IP
66.254.114.33:0
ASN
#29789 REFLECTED

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /user/security/1111 HTTP/1.1
Host: www.pornhubpremium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
server: openresty
date: Thu, 05 Jan 2023 19:31:23 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Fri, 06-Jan-2023 19:31:23 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Thu, 12-Jan-2023 19:31:23 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
bs=7ubkdf9kbrbf0gslgpjr4p37u6jrdkry; expires=Sun, 02-Jan-2033 19:31:23 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None
ss=181907447610864663; expires=Fri, 05-Jan-2024 19:31:23 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1026
location: https://www.pornhubpremium.com/premium/login?redirect=WBKFo6fNA_nr3mklkYn7nAqjsYBrI2khYgw89e4SppWjn7fp7kNvcZX22tDxihPS
x-frame-options: SAMEORIGIN
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63B7258B-42FE722101BB09A3-2D1D2AFE

www.pornhubpremium.com/premium/login?redirect=WBKFo6fNA_nr3mklkYn7nAqjsYBrI2khYgw89e4SppWjn7fp7kNvcZX22tDxihPS

66.254.114.33

200 OK

7.8 kB

URL HTTP/1.1
www.pornhubpremium.com/premium/login?redirect=WBKFo6fNA_nr3mklkYn7nAqjsYBrI2khYgw89e4SppWjn7fp7kNvcZX22tDxihPS
IP
66.254.114.33:0
ASN
#29789 REFLECTED

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404)
Size
7.8 kB (7814 bytes)
Hash
562da0baf68981b6465da6e32b0ba228
f1d740716620cf309be9fede4ab2ab14fecea9e5
b1d652de2a9e8ebd84118f78c5d92b74055a5ed509bcb0c69bf73316e91f1b12

HTTP Headers

GET /premium/login?redirect=WBKFo6fNA_nr3mklkYn7nAqjsYBrI2khYgw89e4SppWjn7fp7kNvcZX22tDxihPS HTTP/1.1
Host: www.pornhubpremium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bs=7ubkdf9kbrbf0gslgpjr4p37u6jrdkry
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: openresty
date: Thu, 05 Jan 2023 19:31:23 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Fri, 06-Jan-2023 19:31:23 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Thu, 12-Jan-2023 19:31:23 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
ss=821680812702514373; expires=Fri, 05-Jan-2024 19:31:23 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
fg_0d2ec4cbd943df07ec161982a603817e=44323.100000; expires=Sat, 04-Feb-2023 19:31:23 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure
ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Sat, 04-Feb-2023 19:31:23 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63B7258B-42FE722101BB09A3-2D1D2B97

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
92058146634eb4b8639ae24497c94101
89347c15bacde13ff7e86f063e8af8a8f0caa6cb
ce16fb72a8db209385070a87eb1176e87c61a2a877f52254fcac7e331a6bc20b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 19:31:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2023 19:48:04 GMT
Expires: Tue, 10 Jan 2023 19:48:03 GMT
Etag: "89347c15bacde13ff7e86f063e8af8a8f0caa6cb"
Cache-Control: max-age=432399,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784ea2480b670afa-OSL

www.xvideos.com/favorite/90902157/mk_1123

185.88.181.2

404 Not Found

26 kB

URL HTTP/1.1
www.xvideos.com/favorite/90902157/mk_1123
IP
185.88.181.2:0
ASN
#46652 SERVERSTACK-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8632)
Size
26 kB (25902 bytes)
Hash
38f0462e66df9a272fad838f7bcd6782
d1301a9663d82b3e4fc877a0bb9fa6bb0e158f24
9c0dafd6b3bafb805eb0e74211b5408f2013d72e23a2f0ea8ea51df70062d925

HTTP Headers

GET /favorite/90902157/mk_1123 HTTP/1.1
Host: www.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Date: Thu, 05 Jan 2023 19:31:23 GMT
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com 1868565294.rsc.cdn77.org https://www.xvideos.com https://wg-xvdev.xvideos.com *.trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com *.addthis.com *.addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ *.cdn77.org fcm.googleapis.com *.nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com *.googleapis.com *.cdn77.org *.pingdom.net *.exoclick.com *.exosrv.com *.realsrv.com *.orbsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net *.adtng.com *.adglare.net adinvent.engine.adglare.net *.bngpt.com bngpt.com *.trafficjunky.net *.ohmybutt.com *.flirt4free.com *.xlovecam.com *.wlresources.com *.medleyads.com *.cams.com *.acdn5165543.com *.protoawe.com *.google-analytics.com livejasmin.com *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com *.promo-bc.com *.bongacams.com *.bongacash.com *.gammae.com *.servingmillions.com *.super-route.com cdn01.flashmediaportal.com engine.asf4f.us *.htdvt.com *.jerkmate.com *.vfgtb.com *.hytxg2.com *.awemdia.com *.cfgr3.com *.ajxx98.online *.adworldmedia.com as.air2s.com cretgate.com mysexchatroom.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net bngpst.com trknex.com afrtrk.com track.cam4tracking.com *.smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com *.bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com *.xxxjmp.com *.feelpornx.com *.crjugate.com *.hqscene.com *.xlviirdr.com adulttime.xxx *.adulttime.xxx *.javhd.com *.doppiocdn.com *.videosworks.com xlivrdr.com *.xlivrdr.com *.servetraff.com *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.cdn77.org *.trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com *.vscdns.com *.doubleclick.net *.google.fr *.google.com *.exoclick.com *.exosrv.com *.realsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net bmedia.justservingfiles.net;
Referrer-Policy: no-referrer-when-downgrade
Set-Cookie: session_token=247eeffe164423c8UcfptCl-2ZuXMgJUXajxnyOCZQ_rRTtXo_YglJJZGCoh3u4cCRQ2ItAgAYS2JvmgrlV8WqcRdgGpgMNR3vtK5Wdlk7dFtmy00LB83ru7dHC7abPZ7hKq9NrL-JZHUrwQCkOvgxa_MFniZvyQGdt_TQYKKu5eku0z3gKZGJX_AQCIGJtO-6KYsDq1ZVCcm3Lf; expires=Sat, 04-Feb-2023 19:31:23 GMT; Max-Age=2592000; path=/; domain=.xvideos.com
_ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: nginx

www.pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

302 Found

74 kB

URL HTTP/2
www.pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

File type
gzip compressed data, max speed, from Unix\012- data
Size
74 kB (73933 bytes)
Hash
1b13a4c9bc7b1c703392b0dc40600360
e3b91117c28c950204d3bbaaf7a93ee27f0aff70
91f5078cccdf223d673baec63e67de00aadd7c56e31da5b4ea3f292ce7b3c4c1

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Thu, 05 Jan 2023 19:31:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Fri, 06-Jan-2023 19:31:23 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure
platform=pc; expires=Thu, 12-Jan-2023 19:31:23 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
bs=xeukngpfja9hfes8hgrd5fm2bmlm3wu2; expires=Sun, 02-Jan-2033 19:31:23 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None
ss=419515380125171932; expires=Fri, 05-Jan-2024 19:31:23 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=67064.100000; expires=Sat, 04-Feb-2023 19:31:23 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=63B7258B-42FE722901BB69F7-2EC6DF5A; Secure; Samesite=None
__l=63B7258B-42FE722901BB69F7-2EC6DF5A; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1041
location: /login
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 63B7258B-42FE722901BB69F7-2EC6DF5A
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/favicon-16x16.png

54.39.22.228

200 OK

1.3 kB

URL HTTP/2
her-cupid.com/static/CwAA/favicon-16x16.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1264 bytes)
Hash
fa61744c0140328a533d26bc93753134
ea2b1d32e78280d8207a32aa6214263db134123e
2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97

HTTP Headers

GET /static/CwAA/favicon-16x16.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_DRSl0WO3JYo=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJEUlNsMFdPM0pZbyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6eyJ0cmFmZmljV2l0aEVtYWlsQ2FzY2FkZUlkIjp0cnVlLCJyZWFsVXNlcnNDYXNjYWRlSWQiOnRydWUsIm1haW5DYXNjYWRlIjp0cnVlLCJiYWNrQ2FzY2FkZSI6dHJ1ZSwic2Vjb25kQ2xpY2tDYXNjYWRlIjp0cnVlLCJwb3BzQ2FzY2FkZSI6dHJ1ZSwicG9wc0NvdW50IjoxfSwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9RFJTbDBXTzNKWW8mdT01MjYwMzgzMDMyNzg2MjMyNzEzIiwic2VhcmNoIjoiP2k9RFJTbDBXTzNKWW8mdT01MjYwMzgzMDMyNzg2MjMyNzEzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJ4dmlkIjoiZmFsc2UifX0=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:24 GMT
content-type: image/png
content-length: 1264
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-4f0"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/stats

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 301
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_DRSl0WO3JYo=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJEUlNsMFdPM0pZbyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9RFJTbDBXTzNKWW8mdT01MjYwMzgzMDMyNzg2MjMyNzEzIiwic2VhcmNoIjoiP2k9RFJTbDBXTzNKWW8mdT01MjYwMzgzMDMyNzg2MjMyNzEzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9fQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:23 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

her-cupid.com/stats

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 562
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_DRSl0WO3JYo=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJEUlNsMFdPM0pZbyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6eyJ0cmFmZmljV2l0aEVtYWlsQ2FzY2FkZUlkIjp0cnVlLCJyZWFsVXNlcnNDYXNjYWRlSWQiOnRydWUsIm1haW5DYXNjYWRlIjp0cnVlLCJiYWNrQ2FzY2FkZSI6dHJ1ZSwic2Vjb25kQ2xpY2tDYXNjYWRlIjp0cnVlLCJwb3BzQ2FzY2FkZSI6dHJ1ZSwicG9wc0NvdW50IjoxfSwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9RFJTbDBXTzNKWW8mdT01MjYwMzgzMDMyNzg2MjMyNzEzIiwic2VhcmNoIjoiP2k9RFJTbDBXTzNKWW8mdT01MjYwMzgzMDMyNzg2MjMyNzEzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJ4dmlkIjoiZmFsc2UifX0=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:24 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:100,400,700,900

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:100,400,700,900
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat:100,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 05 Jan 2023 19:31:22 GMT
date: Thu, 05 Jan 2023 19:31:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www2.funkydaters.com/-QIA?bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9

104.21.83.86

302 Found

0 B

URL HTTP/2
www2.funkydaters.com/-QIA?bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9
IP
104.21.83.86:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /-QIA?bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1
Host: www2.funkydaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://funkydaters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Thu, 05 Jan 2023 19:31:21 GMT
content-type: text/html; charset=UTF-8
location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmZ1bmt5ZGF0ZXJzLmNvbS8tUUlBP2JkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=d5222b60b6a1665da3c96958b0239d66
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FFBoTpTwoxWyH1C7Pvv4JUDiPkWb1uQ%2BPHdzDau8Bg1LC8p%2BpV6O1wAt3L7XaHy%2BTKmfflEgAmloPvCnUWm2tnSsS9d2L9LOaDxJJd8CtROHyrnTolMTsoBZP1EUn3oWQXHba8GfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 784ea239dd85b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

her-cupid.com/DgAA/10064/oth?i=DRSl0WO3JYo&u=5260383032786232713

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/DgAA/10064/oth?i=DRSl0WO3JYo&u=5260383032786232713
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /DgAA/10064/oth?i=DRSl0WO3JYo&u=5260383032786232713 HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://funkydaters.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 05 Jan 2023 19:31:22 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations