Report - w493t9utest3.hungscorindebas.gq/TSKtBH6B?keyword=krystal.knott@slurpmail.net&sub1=clear&sub3=uspace.hk.edu.tw

Report Overview

Submitted URL
w493t9utest3.hungscorindebas.gq/TSKtBH6B?keyword=krystal.knott@slurpmail.net&sub1=clear&sub3=uspace.hk.edu.tw
IP
146.190.75.35
ASN
#0
Submitted
2022-11-30 06:54:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	9.1 kB	142.250.74.131
alexatracker.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.2 kB	104.21.85.99
pornhub.com	4903	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	335 B	718 B	66.254.114.41
js.sentry-cdn.com	5259	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	1.7 kB	151.101.66.217
her-cupid.com	698724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	687 kB	54.39.22.228
browser.sentry-cdn.com	4393	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	21 kB	151.101.66.217
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	48 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.77.32
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.149.149.164
accounts.google.com	81	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	14 kB	142.250.74.109
cdnjam.com	204001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	326 B	12 kB	104.21.58.242
dateexotic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	536 B	44 kB	172.67.159.164
www.pornhubpremium.com	142013	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	1.1 kB	66.254.114.33
www.pornhub.com	10781	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	733 B	10 kB	66.254.114.41
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	32 kB	142.250.74.106
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	982 B	43 kB	142.250.74.35
lh3.google.com	213	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	956 B	172.217.21.174
app.api-push.com	307671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	1.6 kB	172.64.138.29
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
o65532.ingest.sentry.io	747982	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	577 B	469 B	34.120.195.249
w493t9utest3.hungscorindebas.gq	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	941 B	146.190.75.35
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	104.18.32.68
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	728 B	11 kB	142.250.74.106
www.xvideos.com	11464	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	32 kB	185.88.181.5

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	her-cupid.com/stats	Phishing
2022-11-30	medium	her-cupid.com/stats	Phishing
2022-11-30	medium	her-cupid.com/stats	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	her-cupid.com/DgAA/10064/oth?i=Qv2bRmOG_hM&u=6367953385005973011	18 kB	2023-03-08	2023-03-11
Pretty URL her-cupid.com/DgAA/10064/oth?i=Qv2bRmOG_hM&u=6367953385005973011 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-03-11 23:49:30 Times Seen1 Hash 650422bd9a367ee6bbd2f9ecf8191337 c61405ad4f78da26e3243da535723f686b31be4b e3f11db5568c30912e8ce58d0ebb802e16764f67dd40e6b7b673e27d5fafa417 Loading...

	browser.sentry-cdn.com/7.22.0/bundle.es5.min.js	62 kB	2023-03-11	2023-03-11
Pretty URL browser.sentry-cdn.com/7.22.0/bundle.es5.min.js IP 151.101.66.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:35:12 Last Seen2023-03-11 23:45:33 Times Seen1 Hash baaf3aa7af5216d1404114251c11d7d6 67ea224e51fcfacd5be07d166932298fedd100e9 26507a5d11ae5d08b61816e3f5ae6b23ec4872490c38a1c992a167575b7bc4fe Loading...

	www.pornhubpremium.com/user/security/1111	24 kB	2023-03-11	2023-03-11
Pretty URL www.pornhubpremium.com/user/security/1111 IP 66.254.114.33 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:52:39 Last Seen2023-03-11 22:52:39 Times Seen1 Hash 0f453969f8f358ab24e6c768f9b8c515 9d6dd185aa9acb16857807adb7892a9b5b237f6a 34570f8e119f4e5503195fdb0b8b26be86045ae3420e34e58dd89f9641a26787 Loading...

	pornhub.com/video/manage?o=mr&t=pr2	274 kB	2023-03-11	2023-03-11
Pretty URL pornhub.com/video/manage?o=mr&t=pr2 IP 66.254.114.41 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:52:39 Last Seen2023-03-11 22:52:39 Times Seen1 Hash 8336e5e4d0c043af270744b72bbb9636 ca5fec95b790bacea8dcc293bb0546444c5de11a f674f6843612802fac08f69f890ec0346bc39b3fdcab4b910ce3a394a551b984 Loading...

	dateexotic.com/static/js/build/bd.js	9.6 kB	2023-03-08	2024-02-28
Pretty URL dateexotic.com/static/js/build/bd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2024-02-28 12:28:08 Times Seen126 Hash f6069a3618aaf83f49bc275cefdabc62 941b46212809c234480798ed57cef569ab4316f3 56f971147c45eee57e6c99f09f4cd65f7a1a47a87b9be4814708de41decb0cd5 Loading...

	cdnjam.com/cdn/push.min.js	36 kB	2023-03-07	2024-04-26
Pretty URL cdnjam.com/cdn/push.min.js IP 104.21.58.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:20 Last Seen2024-04-26 17:02:02 Times Seen141 Hash 44c9e373bc246e347c8420a2eb8f54d4 5eb6010833c0c873766407c7a51ea5eafe69dbdf 2dac93602a4e47e156b8b54455dfdcd7a7a4901ab33f2a0c2c416a395e1ebda5 Loading...

	js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js	1.9 kB	2023-03-11	2023-03-11
Pretty URL js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js IP 151.101.66.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:35:12 Last Seen2023-03-11 23:45:33 Times Seen1 Hash 5071b3a0d00f3215efddf73508517a1a ccb6a539e5c4dded16fa3976815da5a6a5e428f8 bd301de652526054756e64b6536d491753a702838f6c2b0837779bd386836c5e Loading...

	her-cupid.com/DgAA/10064/oth?i=Qv2bRmOG_hM&u=6367953385005973011	94 B	2023-03-08	2023-03-13
Pretty URL her-cupid.com/DgAA/10064/oth?i=Qv2bRmOG_hM&u=6367953385005973011 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-03-13 06:54:02 Times Seen1 Hash abd83097ff968509c2d13a68695d83d2 46bf322c6a7a8b3f2310176d14d94e76c97c366c 954970561be7c748848a5268a58ea2d6a2a3f319a1ebd3b3f1df6f4d640e4af6 Loading...

	dateexotic.com/agEA?usid=s8hnpa13qb7h&email=krystal.knott%40slurpmail.net&sub1=clear_main&prid=s8hnpa13qb7h	522 B	2023-03-08	2023-03-13
Pretty URL dateexotic.com/agEA?usid=s8hnpa13qb7h&email=krystal.knott%40slurpmail.net&sub1=clear_main&prid=s8hnpa13qb7h IP 172.67.159.164 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-03-13 02:11:38 Times Seen1 Hash fb67996fc9e5dfeb461edb47f6c08026 5a1d96bbf8a04ff725cfdc3dce298183a4736684 29838d2d65b29af9d0645f1913b789e92fecf1dcc260094bbcf2469aa6171e9b Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 21:34:01 Times Seen139424 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	her-cupid.com/DgAA/10064/oth?i=Qv2bRmOG_hM&u=6367953385005973011	541 B	2023-03-08	2023-05-21
Pretty URL her-cupid.com/DgAA/10064/oth?i=Qv2bRmOG_hM&u=6367953385005973011 IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-05-21 20:14:57 Times Seen64 Hash 7fbdaafa595648042e44880998db47d6 c0908c1f668700c134efbef4e5b80cbd84d08d55 cd69bfc221f9a450b2e461c17360c700c0a8efa0235a6cef616ce0c200a3b546 Loading...

HTTP Transactions (87)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2191
Expires: Wed, 30 Nov 2022 07:30:41 GMT
Date: Wed, 30 Nov 2022 06:54:10 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2537
Cache-Control: max-age=101958
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:10 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:13:28 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9591
Expires: Wed, 30 Nov 2022 09:34:01 GMT
Date: Wed, 30 Nov 2022 06:54:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 06:19:40 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2070
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Ika6kKNABzGMRWFbF2xGRhQPZXR+vhgo4Ft8cctgWxgUUY0AK2cF7dLHWce7hhaoS5eaTYkfSfA=
x-amz-request-id: TT5K1Q96HF4TG047
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 06:45:07 GMT
age: 543
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

w493t9utest3.hungscorindebas.gq/TSKtBH6B?keyword=krystal.knott@slurpmail.net&sub1=clear&sub3=uspace.hk.edu.tw

146.190.75.35

302 Found

0 B

URL HTTP/1.1
w493t9utest3.hungscorindebas.gq/TSKtBH6B?keyword=krystal.knott@slurpmail.net&sub1=clear&sub3=uspace.hk.edu.tw
IP
146.190.75.35:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /TSKtBH6B?keyword=krystal.knott@slurpmail.net&sub1=clear&sub3=uspace.hk.edu.tw HTTP/1.1
Host: w493t9utest3.hungscorindebas.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Wed, 30 Nov 2022 06:54:10 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://dateexotic.com/agEA?usid=s8hnpa13qb7h&email=krystal.knott%40slurpmail.net&sub1=clear_main&prid=s8hnpa13qb7h
Pragma: no-cache
Set-Cookie: _subid=s8hnpa13qb7h;Expires=Saturday, 31-Dec-2022 06:54:10 GMT;Max-Age=2678400;Path=/
b15e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjk4XCI6MTY2OTc5MTI1MH0sXCJjYW1wYWlnbnNcIjp7XCIzM1wiOjE2Njk3OTEyNTB9LFwidGltZVwiOjE2Njk3OTEyNTB9In0.QpkdqV_3cbwXArFHHcCka6nQVWGX4u48vqzk8FboW-Y;Expires=Wednesday, 30-Oct-2075 13:48:20 GMT;Max-Age=1669877650;Path=/
_token=uuid_s8hnpa13qb7h_s8hnpa13qb7h6386fe122d6d48.97700210;Expires=Saturday, 31-Dec-2022 06:54:10 GMT;Max-Age=2678400;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 06:54:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
a4bdf86d064dca1dccc0c21d57e8717b
4bd1076613368773640f61cb0dfcea9289b6a5bc
d45aec090dcb1e18f42ac3bd386d9c93e3d0170e89a87a209f9e73fabb5e5fdb

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D45AEC090DCB1E18F42AC3BD386D9C93E3D0170E89A87A209F9E73FABB5E5FDB"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10883
Expires: Wed, 30 Nov 2022 09:55:33 GMT
Date: Wed, 30 Nov 2022 06:54:10 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
a4bdf86d064dca1dccc0c21d57e8717b
4bd1076613368773640f61cb0dfcea9289b6a5bc
d45aec090dcb1e18f42ac3bd386d9c93e3d0170e89a87a209f9e73fabb5e5fdb

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D45AEC090DCB1E18F42AC3BD386D9C93E3D0170E89A87A209F9E73FABB5E5FDB"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10883
Expires: Wed, 30 Nov 2022 09:55:33 GMT
Date: Wed, 30 Nov 2022 06:54:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 06:11:14 GMT
cache-control: public,max-age=3600
age: 2576
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2556
Cache-Control: max-age=96913
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:11 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:49:24 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
211cba84ea56aec93ab90522f317e4c7
8f66789c99e752a6880eef9013ae8c68d5ebf240
ca2ea28e8aa98581b4bb4d3cbf0129eb04bf318e4b694e03e69358c2636c6f31

HTTP Headers

POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1zOGhucGExM3FiN2gmZW1haWw9a3J5c3RhbC5rbm90dCU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9czhobnBhMTNxYjdoJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=eab3b9c5760bf951ad8d82325014857c

104.21.85.99

301 Moved Permanently

0 B

URL HTTP/2
alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1zOGhucGExM3FiN2gmZW1haWw9a3J5c3RhbC5rbm90dCU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9czhobnBhMTNxYjdoJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=eab3b9c5760bf951ad8d82325014857c
IP
104.21.85.99:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD1zOGhucGExM3FiN2gmZW1haWw9a3J5c3RhbC5rbm90dCU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9czhobnBhMTNxYjdoJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=eab3b9c5760bf951ad8d82325014857c HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dateexotic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Wed, 30 Nov 2022 06:54:11 GMT
content-length: 0
location: https://www2.dateexotic.com/agEA?usid=s8hnpa13qb7h&email=krystal.knott%40slurpmail.net&sub1=clear_main&prid=s8hnpa13qb7h&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=6367953385005973011&c=2394196114
set-cookie: trbarid=6367953385005973011;expires=Fri, 29 Nov 2024 06:54:11 GMT;secure;HttpOnly;SameSite=None;path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRm4nLZzdu%2FCrJLOQ%2BxCY6lnvbEuV6z0tFYkbBS7AVsRYTm9BY%2Fs6Mt890vnqJEQB2EwiRMm9dQQPXByeYyKhSknbRnYGYRM9%2BL%2FQ7XvOHzDIs%2F6wOqSGlKZY6RJC%2FYlkVUb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7721ab98c880b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.149.149.164

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.149.164:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xL2NHcY95zDZdZPcNWO1rw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m+cjaSG0waG4KpoLUPyV2vctsyY=

ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
211cba84ea56aec93ab90522f317e4c7
8f66789c99e752a6880eef9013ae8c68d5ebf240
ca2ea28e8aa98581b4bb4d3cbf0129eb04bf318e4b694e03e69358c2636c6f31

HTTP Headers

POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
32dcaddc3949464535cee46b03cf58d9
e3c913dd7c1f8cad36077ae722ff26d7af90fced
b264f3e63f403d010f1661ae0498d1ec3212d45142085054a43d1d5ef7779f0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B264F3E63F403D010F1661AE0498D1EC3212D45142085054A43D1D5EF7779F0E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1258
Expires: Wed, 30 Nov 2022 07:15:10 GMT
Date: Wed, 30 Nov 2022 06:54:12 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
02877c8019408a72ab0e61e687def77b
bb0b54de955f69994761b3130591887d033f4eef
2134d216a51ec415ecf5291b2e8b77f35fb2384f81ee6beb960724379ed8b64d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1047
Cache-Control: max-age=111962
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:12 GMT
Etag: "63860c57-116"
Expires: Thu, 01 Dec 2022 14:00:14 GMT
Last-Modified: Tue, 29 Nov 2022 13:42:47 GMT
Server: ECS (amb/6BA4)
X-Cache: HIT
Content-Length: 278

js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js

151.101.66.217

200 OK

1.0 kB

URL HTTP/2
js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (512)
Size
1.0 kB (1020 bytes)
Hash
deb34d7f2c87353155b469a5fe36ce3c
c008bc34f360a1bf8deb464e3a289dde267cd659
c6288bbdd02874245a8d4bab2da8a57328ac0571b9e55c80903609155647d345

HTTP Headers

GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1
Host: js.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 11
content-encoding: gzip
accept-ranges: bytes
date: Wed, 30 Nov 2022 06:54:12 GMT
age: 54
x-served-by: getsentry-web-default-common-production-6745b975fc-7g2fj, cache-bma1662-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1020
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 07:01:52 GMT
expires: Tue, 28 Nov 2023 07:01:52 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 172340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/style.css

54.39.22.228

200 OK

9.9 kB

URL HTTP/2
her-cupid.com/static/CwAA/style.css
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (325), with CRLF line terminators
Size
9.9 kB (9875 bytes)
Hash
1d2c185bd5d17acd4a3df39e9d7cb412
6e71b3678c2b6c28f970fd7927329d84462435ab
c02bad3cad8d508c6bc1820640f26a54a5a29ec7b4ebbbec97dec1b25bd697fc

HTTP Headers

GET /static/CwAA/style.css HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: text/css
content-length: 9875
last-modified: Tue, 08 Sep 2020 06:39:23 GMT
etag: "5f57271b-2693"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
02877c8019408a72ab0e61e687def77b
bb0b54de955f69994761b3130591887d033f4eef
2134d216a51ec415ecf5291b2e8b77f35fb2384f81ee6beb960724379ed8b64d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1047
Cache-Control: max-age=111962
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:12 GMT
Etag: "63860c57-116"
Expires: Thu, 01 Dec 2022 14:00:14 GMT
Last-Modified: Tue, 29 Nov 2022 13:42:47 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 278

fonts.googleapis.com/css?family=Oswald:700

142.250.74.106

200 OK

968 B

URL HTTP/2
fonts.googleapis.com/css?family=Oswald:700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
968 B (968 bytes)
Hash
bd97b9cef33401946200bf0b6d153e4f
314f8388473d571962ddb979b4c0339834b63d0b
4b1b95465707a24aa63c8174aa8755295de7a9e100ee581673e2116fe14ecf19

HTTP Headers

GET /css?family=Oswald:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 06:54:12 GMT
date: Wed, 30 Nov 2022 06:54:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

browser.sentry-cdn.com/7.22.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.22.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62148)
Size
20 kB (20204 bytes)
Hash
721a1d0830c504f6bfc4289f478dfe07
db5a2471eb5798d49e117f17402d396fa07d5d8a
6ae6be0f021a49c7047f31f7992d64f2e8f99c1fef1dc6d0043ec09f4ab54faa

HTTP Headers

GET /7.22.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 15:51:15 GMT
last-modified: Tue, 29 Nov 2022 13:39:10 GMT
etag: "721a1d0830c504f6bfc4289f478dfe07"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 30 Nov 2022 06:54:12 GMT
age: 54176
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20204
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-4.jpg

54.39.22.228

200 OK

55 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-4.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
55 kB (55031 bytes)
Hash
fa01fa59dbac8ca19bec2ea30b450486
c1d9b772a96e40adf02900f244f11cec1e48a473
ae1520feca162e3c50842ca5d42a91e94b79d77932a127241da21f789542b765

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-4.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 55031
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d6f7"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2817
Expires: Wed, 30 Nov 2022 07:41:09 GMT
Date: Wed, 30 Nov 2022 06:54:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2817
Expires: Wed, 30 Nov 2022 07:41:09 GMT
Date: Wed, 30 Nov 2022 06:54:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2817
Expires: Wed, 30 Nov 2022 07:41:09 GMT
Date: Wed, 30 Nov 2022 06:54:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2817
Expires: Wed, 30 Nov 2022 07:41:09 GMT
Date: Wed, 30 Nov 2022 06:54:12 GMT
Connection: keep-alive

fonts.googleapis.com/css?family=Montserrat:100,400,700,900

142.250.74.106

200 OK

8.5 kB

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:100,400,700,900
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
8.5 kB (8546 bytes)
Hash
f86ece0cbf4c7ffce7b1fe99183e85ea
3909c1fb80ec2804534f10f11372fc46922ac687
b99d0400a05ba9ff416a66400334d6a33bc8a79d9c1f822de2fc6602f8d9ded2

HTTP Headers

GET /css?family=Montserrat:100,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 06:54:12 GMT
date: Wed, 30 Nov 2022 06:54:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7658 bytes)
Hash
536cd283dee06cf1ceb9e15e4850db92
47aafca572d34f9726a0174ac902178556e581d8
63a5acf87962da6656f828422545af0ccc0888f0a2a15ebd2160ffb3714e6241

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7658
x-amzn-requestid: e729e5b6-0c92-4ed3-b449-4a30d5bb4b89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEyEQSIAMFWsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1e-1bba7e9a2d15d66779b1896c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AuN9hTb4YydNZjvpnTGyE313wl-O3F_p4jC_NUSe8kr3RB_4AjOEMw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:09 GMT
age: 32283
etag: "47aafca572d34f9726a0174ac902178556e581d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11070 bytes)
Hash
4cc55889e6edaa76fa8c991914b5347b
9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a
3122c681063a6ee629f5516c433ea3cc65f771d3394df1d6c4b0a1cb91100831

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11070
x-amzn-requestid: 3f342f57-8231-4ba9-9105-dd3fa43ca8d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsg9FNAoAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6384279f-27e7956e0f3a694338951b8a;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:14:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CiDZSUp_bo9-LK-gB21As-JDhIkZcGMJOkOhKBiWGtJ-7fRsyZ0V4g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 03:49:23 GMT
age: 11089
etag: "9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
8825a2c5c0d98323f489e0b816b7f1d8
05f46985ea4ace57460120876da8e19db08857b3
1d12590a78b32146d6f1d107fb93bdb6cb45228d15babd087c0111495d7138e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 67e1ba67-b4fb-42c8-985d-f34164101c7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhIGGtloAMFxjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcd-295995bb1123430c55659fe3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d64lSE184IwrwZKVC8KOUINEBclth9b7xRGV9T1uNfAptgXz0bxKhw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:14:25 GMT
age: 31187
etag: "05f46985ea4ace57460120876da8e19db08857b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9330 bytes)
Hash
bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 31360
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5785 bytes)
Hash
59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GydenCzPtpFdVLqN4ssiZ4dKN48WGneS3mwzEdDE81pobtLznfC4VQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:07:59 GMT
age: 31573
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7df9e82349277ce28891f90c8f4567d5
8b7fd4310e91a2c895941675ff87dfd09b459250
2b2383f9ced9a8175201bb3fb857bab8d68345f8fd6f046d22778133c41c9dc0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B2383F9CED9A8175201BB3FB857BAB8D68345F8FD6F046D22778133C41C9DC0"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9675
Expires: Wed, 30 Nov 2022 09:35:27 GMT
Date: Wed, 30 Nov 2022 06:54:12 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

142.250.74.35

200 OK

10 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data
Size
10 kB (10172 bytes)
Hash
58e5c92fd1a1fc89b8ca6d74ce4793b8
337771c465778aeed6de18195e0cbe9d9098d299
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

HTTP Headers

GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:19:18 GMT
expires: Tue, 28 Nov 2023 21:19:18 GMT
cache-control: public, max-age=31536000
age: 120894
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 06:30:11 GMT
expires: Sat, 25 Nov 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 433441
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-6.jpg

54.39.22.228

200 OK

50 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-6.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
50 kB (49563 bytes)
Hash
00fc610b7933ded2593af9378c4c8379
a3a920071f0f794f6967b738758918b889fdfd6e
605996ed01380c0d76d395e65e901b14414eac8936e83dbe373cf57dd9463613

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-6.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 49563
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-c19b"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.22.0

34.120.195.249

200 OK

2 B

URL HTTP/2
o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.22.0
IP
34.120.195.249:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.22.0 HTTP/1.1
Host: o65532.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://her-cupid.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://her-cupid.com
Content-Length: 426
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://her-cupid.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7df9e82349277ce28891f90c8f4567d5
8b7fd4310e91a2c895941675ff87dfd09b459250
2b2383f9ced9a8175201bb3fb857bab8d68345f8fd6f046d22778133c41c9dc0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B2383F9CED9A8175201BB3FB857BAB8D68345F8FD6F046D22778133C41C9DC0"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9675
Expires: Wed, 30 Nov 2022 09:35:27 GMT
Date: Wed, 30 Nov 2022 06:54:12 GMT
Connection: keep-alive

cdnjam.com/cdn/push.min.js

104.21.58.242

200 OK

11 kB

URL HTTP/2
cdnjam.com/cdn/push.min.js
IP
104.21.58.242:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (36273)
Size
11 kB (11024 bytes)
Hash
57b2c7f482cdc86f2ed3d59f0ee5236a
6de6270ea76f0ac648ae4274bc0c0051f302aa4c
448b6144a61fe4e1f698a55a3700e4640dbfd174f4fd865285a207cc6ef44d64

HTTP Headers

GET /cdn/push.min.js HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: application/x-javascript
content-security-policy: block-all-mixed-content
etag: W/"44c9e373bc246e347c8420a2eb8f54d4"
last-modified: Mon, 06 Jun 2022 20:30:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F62D8C82243EE0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 1208
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEP7H3HebU1HGBnGR5Eorj8Y818D3MYl8lBl%2Bcy2rVWIDU9CNqx8QVsKxOSvhlLqbJoghvLSEHmt2yrlnKt3dRxo8RVtBNHHKWOOIvrZxFfvhTYNNeH5sdAvFka4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7721ab9fe814b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dateexotic.com/agEA?usid=s8hnpa13qb7h&email=krystal.knott%40slurpmail.net&sub1=clear_main&prid=s8hnpa13qb7h

172.67.159.164

200 OK

43 kB

URL HTTP/2
dateexotic.com/agEA?usid=s8hnpa13qb7h&email=krystal.knott%40slurpmail.net&sub1=clear_main&prid=s8hnpa13qb7h
IP
172.67.159.164:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
43 kB (43449 bytes)
Hash
d9aea58a3ddfcd0a392afb51a94e7368
1c91a88627dc35822785c0571c55c088fa0f3e3a
f572d5a8816b6f450663680341ad42117476e92083f0cdc3fa6deca57a65adfe

HTTP Headers

GET /agEA?usid=s8hnpa13qb7h&email=krystal.knott%40slurpmail.net&sub1=clear_main&prid=s8hnpa13qb7h HTTP/1.1
Host: dateexotic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 30 Nov 2022 06:54:10 GMT
content-type: text/html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3Bxga7VTOZKt7ZsBZtxd%2F5AXEl1h0yqr8nynhJ69xKJs03Xf6siEPRr%2BL%2F517S0lhIEES8dX9plycI%2FXM5k3nbIh6HvYFfUKNhnM6YO7ZApkfkQJRM3JjVELJfoHI5OuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7721ab92eda10b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-10.jpg

54.39.22.228

200 OK

51 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-10.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
51 kB (50780 bytes)
Hash
e56961a7f01f44e3bbc9fc03dbcf2ac0
f935d9fc22696e47d78ca9d6f015969633591489
35739ae651a2091be2c373a2e3d2c86bd4583f5fd3ad96067fb1f8002ab9850d

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-10.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 50780
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-c65c"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/3-1.png

54.39.22.228

200 OK

480 B

URL HTTP/2
her-cupid.com/static/CwAA/3-1.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
480 B (480 bytes)
Hash
37ad09484eb1a7e103c1bba69ec3408d
950c14767d959c154d2ba2ceaa7867b8809731e5
1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2

HTTP Headers

GET /static/CwAA/3-1.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://her-cupid.com/static/CwAA/style.css
Cookie: slappInfo64_Qv2bRmOG_hM=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRdjJiUm1PR19oTSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwic2VhcmNoIjoiP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/png
content-length: 480
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-1e0"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/3-2.png

54.39.22.228

200 OK

535 B

URL HTTP/2
her-cupid.com/static/CwAA/3-2.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
535 B (535 bytes)
Hash
7621845db78d7540608060c63a721252
b24bca5f9e3ca0daf6f0f4822d66febc5c65d169
5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1

HTTP Headers

GET /static/CwAA/3-2.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://her-cupid.com/static/CwAA/style.css
Cookie: slappInfo64_Qv2bRmOG_hM=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRdjJiUm1PR19oTSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwic2VhcmNoIjoiP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/png
content-length: 535
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-217"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-15.jpg

54.39.22.228

200 OK

48 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-15.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
48 kB (47718 bytes)
Hash
140c85c3b374c0ff0f50f83bdd87c5be
126970cdb5429e49840044bf30a6caa0cbb7b2f8
ca3c90d63dd1d7e265de801f3f51ae965530df2d699c030db3e0703ced1ba185

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-15.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 47718
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-ba66"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-16.jpg

54.39.22.228

200 OK

45 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-16.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
45 kB (44875 bytes)
Hash
24ac863c446ae055175737a63f304206
6dad9e555a4750b540f9757804e1be210362d08b
07add9a7a985365f8831e5f04501bdef8cea86227ebaa46149474969948ceb40

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-16.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 44875
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-af4b"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-19.jpg

54.39.22.228

200 OK

42 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-19.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
42 kB (41660 bytes)
Hash
60301767b2e95fe25371e6cd1a3eec71
88b805c652bcb60e452372cae923b27ddd2f345a
66db06fcfa31eb06172db01df625bf87d5edc4df96c69eead4fae277d61194c5

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-19.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 41660
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-a2bc"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-21.jpg

54.39.22.228

200 OK

42 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-21.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
42 kB (42527 bytes)
Hash
e6a3be4dec34551954b50f114077dd0d
8f36c2e887e8a4170528ec359b51715836e71353
603d038db14b1e0bb35ebc48e8144d17c1d9a5d261bf5414cd2cf7ea77337c57

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-21.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 42527
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-a61f"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-22.jpg

54.39.22.228

200 OK

54 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-22.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
54 kB (53879 bytes)
Hash
62a2ff40f30e4fe6a689298d987549e1
14e60f6736e93549c767bdc27aeeae7061dc3991
7067e6c93aab43f6d10f69f4be841036419ed65fa025d2cbf62abe45b783b0b1

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-22.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 53879
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d277"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-23.jpg

54.39.22.228

200 OK

54 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-23.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
54 kB (54527 bytes)
Hash
305c9be3df92bc9ee5d4115629c5ad8c
5cec66d98bcbca3dcf5a4c0227ec795d631d04da
65cb2c84af57882a7394295d8bfef3149dec2aadf873be01cc5db6a415ec9aab

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-23.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 54527
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d4ff"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-25.jpg

54.39.22.228

200 OK

44 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-25.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
44 kB (43558 bytes)
Hash
0c8398d5d3a2293bec58febb89ee6477
0323bbe1f567b309c329190eab457692485e44f5
8e5492174e33b6be299176a4329971092886392c66736ee656d8b0aba57dc544

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-25.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 43558
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-aa26"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-28.jpg

54.39.22.228

200 OK

44 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-28.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
44 kB (43858 bytes)
Hash
b7a5bec57ebcd2b40491c5cc6ddd6609
2efc068fe606ed088deac615c13500790e1e341b
4c8da6f18010f5fa87e2342bc7d0f0caef4d10dc516a4af19002d1847630957c

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-28.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 43858
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-ab52"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-11.jpg

54.39.22.228

200 OK

67 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-11.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
67 kB (67396 bytes)
Hash
d58b0f92664a000a7b26f867e37827fb
9f3e1d61b9a6493aa6d35f8c2616a42a477e27ee
ca19a82e654964824c109d8081b5defe1be25eda46c9ae828d97474b905d7f6c

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-11.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 67396
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-10744"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-13.jpg

54.39.22.228

200 OK

66 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-13.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
66 kB (66094 bytes)
Hash
9d40cd92f7f69377cded2d10580ab94b
c77534ebc40019f634249ebef2cc82137d90ffc0
0d142bdaa805393d725be9f207a25d2e40570aa808240728f5d863a12f47e8ef

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-13.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: image/jpeg
content-length: 66094
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-1022e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:13 GMT
Last-Modified: Wed, 30 Nov 2022 06:11:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100

172.217.21.174

302 Found

337 B

URL HTTP/2
lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
337 B (337 bytes)
Hash
66a43eafe19fd2e9782007272dd06ced
9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb

HTTP Headers

GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 06:54:13 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

app.api-push.com/get-keys

172.64.138.29

200 OK

798 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.138.29:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (1940), with no line terminators
Size
798 B (798 bytes)
Hash
b52b97526680e174c333ef573ae186f3
9b6ab438f58765ee216d7a5c4eeee191d7ec358b
e36d05bc1c6c4d4e5eba2c1a9b1db525f7b8c2a88485aab44e5af076e77a23e2

HTTP Headers

POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 174
Origin: https://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NrdrfhOhOR0YMnhglwmQI90wFq0dcYL%2BQFtFxK%2Fl%2BGxctRFWU1M0rlyU2%2BIkaDYGKemwCOORUuKO3t5y3F5DSK%2FNKwQWKKQXGvSIO50k84jholupKiv2Y6PtCRJTErim7fL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7721aba1cb654065-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/favicon-150x150.png

54.39.22.228

200 OK

7.0 kB

URL HTTP/2
her-cupid.com/static/CwAA/favicon-150x150.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
7.0 kB (7017 bytes)
Hash
f19d6f44b496c9dedce8b96bd0f5f829
c887ac358a0c8d6979f8b67013954aa8cf4ab1c8
97a873b3ce2ab69cc38287181a190dcd90c09869c0901b5d75e8461f628bef78

HTTP Headers

GET /static/CwAA/favicon-150x150.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_Qv2bRmOG_hM=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRdjJiUm1PR19oTSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwic2VhcmNoIjoiP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:13 GMT
content-type: image/png
content-length: 7017
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-1b69"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/favicon-16x16.png

54.39.22.228

200 OK

1.3 kB

URL HTTP/2
her-cupid.com/static/CwAA/favicon-16x16.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1264 bytes)
Hash
fa61744c0140328a533d26bc93753134
ea2b1d32e78280d8207a32aa6214263db134123e
2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97

HTTP Headers

GET /static/CwAA/favicon-16x16.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_Qv2bRmOG_hM=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRdjJiUm1PR19oTSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwic2VhcmNoIjoiP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:13 GMT
content-type: image/png
content-length: 1264
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-4f0"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:13 GMT
Last-Modified: Wed, 30 Nov 2022 06:11:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a67f152254e0a2cfaf6ba5e5e51d9ae4
6ddc5ee596d0469d4d5f0bbcd1918677019337b4
d786acd565665c5d7c3c43e1ec737a20f8ed2a2467bff7758cc9cbb199e602d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en

142.250.74.109

302 Found

409 B

URL HTTP/2
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Size
409 B (409 bytes)
Hash
716b4b31e4c98bf5c0a99cfa2b48ea3f
204529fcb5b7ea6a215e8d38db33a636b4652211
823224cec2c949288c3b319db18a485b5fa41108672210f9f012275fe9732ba4

HTTP Headers

GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Nov 2022 06:54:13 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-770906989%3A1669791253190157&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsIItks66Wu0NTwZqumKwj3uekSuAPH_ZFp87oRQRvSL94cYZNf0k5msQ51K9psunCjNFWj
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-uTjPmk1HTlkd76EjEFk7bg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 409
server: GSE
set-cookie: __Host-GAPS=1:EoNTRpkeVS3-keII3X9iMZbFL1_ghQ:WSkR6lQCdgAMZnwM;Path=/;Expires=Fri, 29-Nov-2024 06:54:13 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
b3c67996d24e677f32e223785b85f1de
f830088a52e62dc7cbb331e0bc0088bc7157fcf0
ee3d85563851f3d3032c6c0d4eb76e3d7f987e9f239ccba84ad9105e2ed2fc4a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2529
Cache-Control: max-age=135049
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 06:54:13 GMT
Etag: "638660bd-139"
Expires: Thu, 01 Dec 2022 20:25:02 GMT
Last-Modified: Tue, 29 Nov 2022 19:42:53 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313

pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

301 Moved Permanently

166 B

URL HTTP/2
pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: openresty
date: Wed, 30 Nov 2022 06:54:13 GMT
content-type: text/html
content-length: 166
location: https://www.pornhub.com/video/manage?o=mr&t=pr2
x-frame-options: SAMEORIGIN
rating: RTA-5042-1996-1400-1577-RTA
set-cookie: __s=6386FE15-42FE722901BB0932-49E2ED4; Secure; Samesite=None
__l=6386FE15-42FE722901BB0932-49E2ED4; Secure; Samesite=None; Max-Age=31556926
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6386FE15-42FE722901BB0932-49E2ED4
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f26a8330c6c44426f6acf21c005b3f57
86cb19a53321546f23f0c38b511a764402c69083
7be6066aa3576b349ecb2d672c143065739f8e6101b4fbeea64fac2ece68c73d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BE6066AA3576B349ECB2D672C143065739F8E6101B4FBEEA64FAC2ECE68C73D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7760
Expires: Wed, 30 Nov 2022 09:03:33 GMT
Date: Wed, 30 Nov 2022 06:54:13 GMT
Connection: keep-alive

www.pornhubpremium.com/user/security/1111

66.254.114.33

302 Found

0 B

URL HTTP/1.1
www.pornhubpremium.com/user/security/1111
IP
66.254.114.33:0
ASN
#29789 REFLECTED

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /user/security/1111 HTTP/1.1
Host: www.pornhubpremium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
server: openresty
date: Wed, 30 Nov 2022 06:54:13 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Thu, 01-Dec-2022 06:54:13 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Wed, 07-Dec-2022 06:54:13 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
bs=ieoekb4n8nz87tlrpcrmpuxwuy9qeabv; expires=Sat, 27-Nov-2032 06:54:13 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None
ss=871761679243611266; expires=Thu, 30-Nov-2023 06:54:13 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1026
location: https://www.pornhubpremium.com/premium/login?redirect=GvZ9MFEexJIjPrerSBFL9IO3B_iIllYPUwWIkS6maIpXclTGaOWJbwQ9qxOdO6Jz
x-frame-options: SAMEORIGIN
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6386FE15-42FE722101BB0932-49E2F32

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
219f8629d07ce15c2074cf6cccfc7d76
e059008669e4d6be11426abb9ad005c743900e80
aac788858896764aa56cb38eb0e14d61674885f70ae5d217f548a52e6e5c1a43

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 06:54:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 19:48:07 GMT
Expires: Tue, 06 Dec 2022 19:48:06 GMT
Etag: "e059008669e4d6be11426abb9ad005c743900e80"
Cache-Control: max-age=564232,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7721aba5cd59b4ee-OSL

www.pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

302 Found

7.8 kB

URL HTTP/2
www.pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

File type
gzip compressed data, max speed, from Unix\012- data
Size
7.8 kB (7793 bytes)
Hash
483373356b9a5ef7ab62b60a83faf9e5
ef3b875837968e260950c5d086202961eace5787
bf51a42ea21ebb95cd2ac1f46d3fa5a7d9fb62245f0ea5bb38f3dc26ecf1afea

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 30 Nov 2022 06:54:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Thu, 01-Dec-2022 06:54:13 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure
platform=pc; expires=Wed, 07-Dec-2022 06:54:13 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
bs=x4d01c2vv5bzgkz4m04wi2ayje9fa74e; expires=Sat, 27-Nov-2032 06:54:13 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None
ss=765349836227490364; expires=Thu, 30-Nov-2023 06:54:13 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=1750.100000; expires=Fri, 30-Dec-2022 06:54:13 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=6386FE15-42FE722901BB0932-49E2F34; Secure; Samesite=None
__l=6386FE15-42FE722901BB0932-49E2F34; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1041
location: /login
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6386FE15-42FE722901BB0932-49E2F34
X-Firefox-Spdy: h2

www.xvideos.com/favorite/90902157/mk_1123

185.88.181.5

404 Not Found

26 kB

URL HTTP/1.1
www.xvideos.com/favorite/90902157/mk_1123
IP
185.88.181.5:0
ASN
#46652 SERVERSTACK-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8648)
Size
26 kB (25821 bytes)
Hash
2e4089a0ab01c8a602cb14a2f2d94b7d
b6ef48a0363eb4e679220a6f56cc32a7c5f5c908
f746a21f8454ce647a11c47799cf89cd9cbcb22a2c44be4aaad7146286cd5dfb

HTTP Headers

GET /favorite/90902157/mk_1123 HTTP/1.1
Host: www.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 06:54:13 GMT
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com *.trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com *.addthis.com *.addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ *.hwcdn.net fcm.googleapis.com *.nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com *.googleapis.com *.cdn77.org *.pingdom.net *.exoclick.com *.exosrv.com *.realsrv.com *.orbsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net *.adtng.com *.adglare.net adinvent.engine.adglare.net *.bngpt.com bngpt.com *.trafficjunky.net *.ohmybutt.com *.flirt4free.com *.xlovecam.com *.wlresources.com *.medleyads.com *.cams.com *.acdn5165543.com *.protoawe.com *.google-analytics.com livejasmin.com *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com *.promo-bc.com *.bongacams.com *.bongacash.com *.gammae.com *.servingmillions.com *.super-route.com cdn01.flashmediaportal.com engine.asf4f.us *.htdvt.com *.jerkmate.com *.vfgtb.com *.hytxg2.com *.awemdia.com *.cfgr3.com *.ajxx98.online *.sf4f.us *.adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com *.smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com *.bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com *.xxxjmp.com *.feelpornx.com *.crjugate.com *.hqscene.com *.xlviirdr.com adulttime.xxx *.adulttime.xxx *.javhd.com *.doppiocdn.com *.videosworks.com xlivrdr.com *.xlivrdr.com *.servetraff.com *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.hwcdn.net *.trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com *.vscdns.com *.doubleclick.net *.google.fr *.google.com *.exoclick.com *.exosrv.com *.realsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net bmedia.justservingfiles.net;
Referrer-Policy: no-referrer-when-downgrade
Set-Cookie: session_token=98657d03440794daLoi6q9MR0-0YdXkO--pd-mQza8Gfk-gVD1DjGENc_-QOqitnDEW_Pb7lSy3_wuzj4m4ZOxghQw3kGlItjnUcono70Rpd_xEgz6cbDEnwvLN9h3jCs_bcFW4IVrSHFlHee6rygSvJOVUwTHVW2qiNpF07JwPSVr3K8o6K2PpfeL0it_aD-z88G1PDdxsWvUYV; expires=Fri, 30-Dec-2022 06:54:13 GMT; Max-Age=2592000; path=/; domain=.xvideos.com
_ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: nginx

accounts.google.com/v3/signin/identifier?dsh=S-770906989%3A1669791253190157&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsIItks66Wu0NTwZqumKwj3uekSuAPH_ZFp87oRQRvSL94cYZNf0k5msQ51K9psunCjNFWj

142.250.74.109

403 Forbidden

11 kB

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S-770906989%3A1669791253190157&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsIItks66Wu0NTwZqumKwj3uekSuAPH_ZFp87oRQRvSL94cYZNf0k5msQ51K9psunCjNFWj
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type
data
Size
11 kB (10795 bytes)
Hash
4c8de4faddac4a55796d5107c2a5623c
04c3e1867c9f8bb02f510dd34f598942bdf67d25
a523cb3fafba42aea3a94b31ebabca89767c4df0957c957c8aff98201542def0

HTTP Headers

GET /v3/signin/identifier?dsh=S-770906989%3A1669791253190157&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsIItks66Wu0NTwZqumKwj3uekSuAPH_ZFp87oRQRvSL94cYZNf0k5msQ51K9psunCjNFWj HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Nov 2022 06:54:13 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-uMZ37FJplEuL28UH0j8D8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

her-cupid.com/stats

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 320
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_Qv2bRmOG_hM=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRdjJiUm1PR19oTSIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwic2VhcmNoIjoiP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJ4dmlkIjoiZmFsc2UifSwibHVpZCI6NDI1MzY5MDAwNDM5fQ==; userid=a7bcdd9d27771e5218b35049cf0c95d88f0230213ffb720efdde7da77a9c46e7a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A425369000439%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:13 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

her-cupid.com/stats

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 318
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_Qv2bRmOG_hM=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRdjJiUm1PR19oTSIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwic2VhcmNoIjoiP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaCI6ImZhbHNlIn0sImx1aWQiOjQyNTM2OTAwMDQzOX0=; userid=a7bcdd9d27771e5218b35049cf0c95d88f0230213ffb720efdde7da77a9c46e7a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A425369000439%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:13 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

her-cupid.com/DgAA/10064/oth?i=Qv2bRmOG_hM&u=6367953385005973011

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/DgAA/10064/oth?i=Qv2bRmOG_hM&u=6367953385005973011
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /DgAA/10064/oth?i=Qv2bRmOG_hM&u=6367953385005973011 HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dateexotic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:12 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

her-cupid.com/user-id?nbl=&impression=Qv2bRmOG_hM&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDgAA%2F10064%2Foth%3Fi%3DQv2bRmOG_hM%26u%3D6367953385005973011&search=%3Fi%3DQv2bRmOG_hM%26u%3D6367953385005973011&contactExists=false

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/user-id?nbl=&impression=Qv2bRmOG_hM&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDgAA%2F10064%2Foth%3Fi%3DQv2bRmOG_hM%26u%3D6367953385005973011&search=%3Fi%3DQv2bRmOG_hM%26u%3D6367953385005973011&contactExists=false
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /user-id?nbl=&impression=Qv2bRmOG_hM&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FDgAA%2F10064%2Foth%3Fi%3DQv2bRmOG_hM%26u%3D6367953385005973011&search=%3Fi%3DQv2bRmOG_hM%26u%3D6367953385005973011&contactExists=false HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: slappInfo64_Qv2bRmOG_hM=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRdjJiUm1PR19oTSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwic2VhcmNoIjoiP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:13 GMT
content-type: application/json; charset=UTF-8
set-cookie: userid=a7bcdd9d27771e5218b35049cf0c95d88f0230213ffb720efdde7da77a9c46e7a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A425369000439%3B%7D; expires=Fri, 01-Dec-2023 03:10:53 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax
access-control-allow-origin: *
X-Firefox-Spdy: h2

her-cupid.com/stats

54.39.22.228

200 OK

0 B

URL HTTP/2
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 319
Origin: https://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_Qv2bRmOG_hM=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRdjJiUm1PR19oTSIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0RnQUEvMTAwNjQvb3RoP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwic2VhcmNoIjoiP2k9UXYyYlJtT0dfaE0mdT02MzY3OTUzMzg1MDA1OTczMDExIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9LCJsdWlkIjo0MjUzNjkwMDA0Mzl9; userid=a7bcdd9d27771e5218b35049cf0c95d88f0230213ffb720efdde7da77a9c46e7a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A425369000439%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 30 Nov 2022 06:54:13 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

www.pornhub.com/login

66.254.114.41

200 OK

0 B

URL HTTP/2
www.pornhub.com/login
IP
66.254.114.41:0
ASN
#29789 REFLECTED

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /login HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bs=x4d01c2vv5bzgkz4m04wi2ayje9fa74e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 06:54:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Thu, 01-Dec-2022 06:54:13 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure
platform=pc; expires=Wed, 07-Dec-2022 06:54:13 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
ss=142572878379705679; expires=Thu, 30-Nov-2023 06:54:13 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=85340.100000; expires=Fri, 30-Dec-2022 06:54:13 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=6386FE15-42FE722901BB0932-49E2F95; Secure; Samesite=None
__l=6386FE15-42FE722901BB0932-49E2F95; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6386FE15-42FE722901BB0932-49E2F95
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations