Report - her-cupid.com/DgAA/10064/hrm

Report Overview

Submitted URL
her-cupid.com/DgAA/10064/hrm
IP
54.39.22.228
ASN
#16276 OVH SAS
Submitted
2022-12-08 09:18:16
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	11 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
o65532.ingest.sentry.io	747982	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	575 B	468 B	34.120.195.249
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	69 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
her-cupid.com	698724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	735 kB	54.39.22.228
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	980 B	43 kB	216.58.207.227
www.pornhub.com	10781	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	353 B	1.2 kB	66.254.114.41
cdnjam.com	204001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	326 B	951 B	188.114.96.1
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	142.250.74.131
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	32 kB	142.250.74.138
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.4 kB	93.184.220.29
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	104.18.32.68
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
js.sentry-cdn.com	5259	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	1.7 kB	151.101.2.217
browser.sentry-cdn.com	4393	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	21 kB	151.101.2.217
app.api-push.com	307671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	857 B	2.4 kB	172.64.162.28
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.39.57.61
pornhub.com	4903	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	335 B	721 B	66.254.114.41
www.pornhubpremium.com	142013	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	455 B	9.0 kB	66.254.114.33
www.xvideos.com	11464	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	32 kB	185.88.181.11
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	728 B	1.5 kB	142.250.74.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	her-cupid.com/DgAA/10064/hrm	Phishing
2022-12-08	medium	her-cupid.com/stats	Phishing
2022-12-08	medium	her-cupid.com/stats	Phishing
2022-12-08	medium	her-cupid.com/stats	Phishing
2022-12-08	medium	her-cupid.com/stats	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 21:54:46 Times Seen139428 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cdnjam.com/cdn/push.min.js	36 kB	2023-03-07	2024-04-26
Pretty URL cdnjam.com/cdn/push.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:20 Last Seen2024-04-26 17:02:02 Times Seen141 Hash 44c9e373bc246e347c8420a2eb8f54d4 5eb6010833c0c873766407c7a51ea5eafe69dbdf 2dac93602a4e47e156b8b54455dfdcd7a7a4901ab33f2a0c2c416a395e1ebda5 Loading...

	her-cupid.com/DgAA/10064/hrm	541 B	2023-03-08	2023-05-21
Pretty URL her-cupid.com/DgAA/10064/hrm IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-05-21 20:14:57 Times Seen64 Hash 7fbdaafa595648042e44880998db47d6 c0908c1f668700c134efbef4e5b80cbd84d08d55 cd69bfc221f9a450b2e461c17360c700c0a8efa0235a6cef616ce0c200a3b546 Loading...

	her-cupid.com/DgAA/10064/hrm	18 kB	2023-03-08	2023-03-13
Pretty URL her-cupid.com/DgAA/10064/hrm IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:57:17 Last Seen2023-03-13 02:04:53 Times Seen1 Hash 2bef23b94106494fbf38217c9e12d2f0 7c5cebbc6cdb4f1f0f5fa815b86133ba34350e28 42b05d374af6df5be5307d5e362cf51751ee9b7f92bd45031939944f07cf9d92 Loading...

	pornhub.com/video/manage?o=mr&t=pr2	273 kB	2023-03-08	2023-03-08
Pretty URL pornhub.com/video/manage?o=mr&t=pr2 IP 66.254.114.41 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:57:17 Last Seen2023-03-08 21:57:17 Times Seen1 Hash 4c211e729c521749eba301dc989319dc 82c63f98d7a4494c5605248062db71971ef9f65b e56fc88f69116a3e7124c7bde11b2dd3f7f67372735b555272978d3cf45876ca Loading...

	js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js	1.9 kB	2023-03-08	2023-03-09
Pretty URL js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js IP 151.101.2.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:32:14 Last Seen2023-03-09 04:42:41 Times Seen1 Hash ec0e9a4c8fa731dbca1e4ab226d4ac6e a80b1dded3c09c1a9254f5ba09d0fdc436b16494 77db29df7e5f32add3e9a8bda0c315b591b491e0ad4bea8dddab7ed20ac41b68 Loading...

	her-cupid.com/DgAA/10064/hrm	94 B	2023-03-08	2023-03-13
Pretty URL her-cupid.com/DgAA/10064/hrm IP 54.39.22.228 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:35 Last Seen2023-03-13 06:54:02 Times Seen1 Hash abd83097ff968509c2d13a68695d83d2 46bf322c6a7a8b3f2310176d14d94e76c97c366c 954970561be7c748848a5268a58ea2d6a2a3f319a1ebd3b3f1df6f4d640e4af6 Loading...

	browser.sentry-cdn.com/7.24.2/bundle.es5.min.js	63 kB	2023-03-08	2023-03-09
Pretty URL browser.sentry-cdn.com/7.24.2/bundle.es5.min.js IP 151.101.2.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:32:14 Last Seen2023-03-09 04:42:41 Times Seen1 Hash 2d51545af740f6445900ea5130a79328 7295f1c030ffe280bc9ed2759a2cfe63efeb7d84 9c04f8b73339e247597fc3b8a1bf2d356dbb34cc088de7f3f6d4d7d21f0a2517 Loading...

	www.pornhubpremium.com/user/security/1111	24 kB	2023-03-08	2023-03-08
Pretty URL www.pornhubpremium.com/user/security/1111 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:57:17 Last Seen2023-03-08 21:57:17 Times Seen1 Hash 6686f4aec275b9b688401a6908570dc9 e695b98435ecef98cb214eeaf4108dcd7705e26f a98cd81df2e50d21495df672e4fed2e23572d2cfc60bbe92d12e287609523b80 Loading...

HTTP Transactions (81)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17241
Expires: Thu, 08 Dec 2022 14:05:25 GMT
Date: Thu, 08 Dec 2022 09:18:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6093
Expires: Thu, 08 Dec 2022 10:59:37 GMT
Date: Thu, 08 Dec 2022 09:18:04 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 09:08:09 GMT
content-type: application/json
age: 595
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3686
Expires: Thu, 08 Dec 2022 10:19:30 GMT
Date: Thu, 08 Dec 2022 09:18:04 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 9epFPJ8/ZoxAAwrEZRq0f3JCJ7WZPOzwoJQX6UAgP5pjn5eR7vmNLhfV6rWex7kAuTyXFaZ5/MA=
x-amz-request-id: H82SVW8A8NAP00C2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 08:47:51 GMT
age: 1813
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

her-cupid.com/DgAA/10064/hrm

54.39.22.228

200 OK

7.9 kB

URL HTTP/1.1
her-cupid.com/DgAA/10064/hrm
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
7.9 kB (7883 bytes)
Hash
ac0d0a299e28a565ba84e9278501c6cc
bf70d1f24d8850da74ca07233b8144a8df95c424
ca571a03eab8450abe0a63e000ff215be828fcbaf55817ca15ab198dff2a3d8a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /DgAA/10064/hrm HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 08 Dec 2022 09:18:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Content-Encoding: gzip

js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js

151.101.2.217

200 OK

1.0 kB

URL HTTP/2
js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js
IP
151.101.2.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (512)
Size
1.0 kB (1020 bytes)
Hash
db06df8af82b4cec615409bc6cc32d71
2035f756879bd451bea511b68b4a898228073379
6e77e37dc63249c76ffc80e775aecfcf9407c9c4660274ef3681c4ba80fdc0b0

HTTP Headers

GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1
Host: js.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 10
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:18:05 GMT
age: 91
x-served-by: getsentry-web-default-common-production-567cf86d7b-fb9qf, cache-bma1656-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1020
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.138

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 20:41:38 GMT
expires: Wed, 06 Dec 2023 20:41:38 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 131787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
a7e7acac768c25cff11e9538640ad28a
a6c0d372a4fa0fc487a5169bddb1656fbe4fd9ab
a1fb0eddade9c72b11c38e06621987479418c9a33bd1d03fd385319e1233806d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 840
Cache-Control: max-age=103113
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Etag: "6390984e-118"
Expires: Fri, 09 Dec 2022 13:56:38 GMT
Last-Modified: Wed, 07 Dec 2022 13:42:38 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
a7e7acac768c25cff11e9538640ad28a
a6c0d372a4fa0fc487a5169bddb1656fbe4fd9ab
a1fb0eddade9c72b11c38e06621987479418c9a33bd1d03fd385319e1233806d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 840
Cache-Control: max-age=103113
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Etag: "6390984e-118"
Expires: Fri, 09 Dec 2022 13:56:38 GMT
Last-Modified: Wed, 07 Dec 2022 13:42:38 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 09:07:55 GMT
age: 610
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b2e9d72567f1d60c75eef6e7e89d185
14fc9f5fe53d13543e126781de304cdc73dd71ff
3170becde52a965d6ee58abf99ee9cdb74bc5dcc61450ee52ea4458d7f204b10

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3170BECDE52A965D6EE58ABF99EE9CDB74BC5DCC61450EE52EA4458D7F204B10"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5648
Expires: Thu, 08 Dec 2022 10:52:13 GMT
Date: Thu, 08 Dec 2022 09:18:05 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2737
Cache-Control: max-age=88462
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:52:27 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

her-cupid.com/static/CwAA/style.css

54.39.22.228

200 OK

9.9 kB

URL HTTP/2
her-cupid.com/static/CwAA/style.css
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (325), with CRLF line terminators
Size
9.9 kB (9875 bytes)
Hash
1d2c185bd5d17acd4a3df39e9d7cb412
6e71b3678c2b6c28f970fd7927329d84462435ab
c02bad3cad8d508c6bc1820640f26a54a5a29ec7b4ebbbec97dec1b25bd697fc

HTTP Headers

GET /static/CwAA/style.css HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: text/css
content-length: 9875
last-modified: Tue, 08 Sep 2020 06:39:23 GMT
etag: "5f57271b-2693"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.24.2/bundle.es5.min.js

151.101.2.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.24.2/bundle.es5.min.js
IP
151.101.2.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62680)
Size
20 kB (20371 bytes)
Hash
551c02d0927c4ba053990336c36f3a64
ed6d57ba5563e7308b647a418322caad40fdb9a1
98760f96d0acb8b3c7ef2890d54780f6637dfa54259e5fe32a619fa00e0459ad

HTTP Headers

GET /7.24.2/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 21:04:45 GMT
last-modified: Wed, 07 Dec 2022 19:02:53 GMT
etag: "551c02d0927c4ba053990336c36f3a64"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:18:05 GMT
age: 44000
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20371
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-19.jpg

54.39.22.228

200 OK

42 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-19.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
42 kB (41660 bytes)
Hash
60301767b2e95fe25371e6cd1a3eec71
88b805c652bcb60e452372cae923b27ddd2f345a
66db06fcfa31eb06172db01df625bf87d5edc4df96c69eead4fae277d61194c5

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-19.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 41660
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-a2bc"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

216.58.207.227

200 OK

10 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data
Size
10 kB (10172 bytes)
Hash
58e5c92fd1a1fc89b8ca6d74ce4793b8
337771c465778aeed6de18195e0cbe9d9098d299
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

HTTP Headers

GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:19:18 GMT
expires: Tue, 05 Dec 2023 21:19:18 GMT
cache-control: public, max-age=31536000
age: 215927
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://her-cupid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 528474
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4c16722212e90938d6b24db4748c4104
e68cb5d1e0f0663683b4858949612a439c255b9b
e7a333eef25548f584a7630ce3698957477e28e57aa541ba6bfa0cb830394aa1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7A333EEF25548F584A7630CE3698957477E28E57AA541BA6BFA0CB830394AA1"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16086
Expires: Thu, 08 Dec 2022 13:46:11 GMT
Date: Thu, 08 Dec 2022 09:18:05 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6d4a0365a75a3a788199cdd490c001c9
c81bbed711a16472d9e951ecb84923f8b993a154
e81bcf7b1cee4e7309f39a4ecb0beac2d13b573dd71a98c19680848a51d6c5f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1574
Cache-Control: max-age=170854
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Etag: "63919e0d-117"
Expires: Sat, 10 Dec 2022 08:45:39 GMT
Last-Modified: Thu, 08 Dec 2022 08:19:25 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
c4745a9e86881add67f3f0af4847acf7
0ba0826b57210cf3dd4b7debda75a21acfb4bfb4
1bb03ddd5eb99532d5831870ec3c7a7e9fdd727e0ca01d8ded56694d4339b26d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5016
Cache-Control: max-age=87895
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Etag: "63904c8c-117"
Expires: Fri, 09 Dec 2022 09:43:00 GMT
Last-Modified: Wed, 07 Dec 2022 08:19:24 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 279

o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.24.2

34.120.195.249

200 OK

2 B

URL HTTP/2
o65532.ingest.sentry.io/api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.24.2
IP
34.120.195.249:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.24.2 HTTP/1.1
Host: o65532.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://her-cupid.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://her-cupid.com
Content-Length: 426
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: http://her-cupid.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4c16722212e90938d6b24db4748c4104
e68cb5d1e0f0663683b4858949612a439c255b9b
e7a333eef25548f584a7630ce3698957477e28e57aa541ba6bfa0cb830394aa1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7A333EEF25548F584A7630CE3698957477E28E57AA541BA6BFA0CB830394AA1"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16086
Expires: Thu, 08 Dec 2022 13:46:11 GMT
Date: Thu, 08 Dec 2022 09:18:05 GMT
Connection: keep-alive

her-cupid.com/static/CwAA/pics-for-bg/pic-13.jpg

54.39.22.228

200 OK

66 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-13.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
66 kB (66094 bytes)
Hash
9d40cd92f7f69377cded2d10580ab94b
c77534ebc40019f634249ebef2cc82137d90ffc0
0d142bdaa805393d725be9f207a25d2e40570aa808240728f5d863a12f47e8ef

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-13.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 66094
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-1022e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-15.jpg

54.39.22.228

200 OK

48 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-15.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
48 kB (47718 bytes)
Hash
140c85c3b374c0ff0f50f83bdd87c5be
126970cdb5429e49840044bf30a6caa0cbb7b2f8
ca3c90d63dd1d7e265de801f3f51ae965530df2d699c030db3e0703ced1ba185

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-15.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 47718
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-ba66"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

app.api-push.com/get-keys

172.64.162.28

204 No Content

0 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 08 Dec 2022 09:18:05 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJCIzowoCeoxZuEFAR6bLhbYqecQuEk%2FRNMEuWqCctQr%2BmiJKHTnBxuldp153PyZqCwt3MMGHrcKwoLCrKeuw%2FPeI19%2BNBgP3Ui2EJvlAdHWh9%2Fc%2F7TBDN%2Ff3A%2Fw8qlsSokd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776469667ebd76fc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.39.57.61

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.57.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eoshuwq8WzEBgvB4BEhzdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lTfy+W2aMxf+Kaey4jg5IyzajbA=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6d4a0365a75a3a788199cdd490c001c9
c81bbed711a16472d9e951ecb84923f8b993a154
e81bcf7b1cee4e7309f39a4ecb0beac2d13b573dd71a98c19680848a51d6c5f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1574
Cache-Control: max-age=170854
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:05 GMT
Etag: "63919e0d-117"
Expires: Sat, 10 Dec 2022 08:45:39 GMT
Last-Modified: Thu, 08 Dec 2022 08:19:25 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

her-cupid.com/static/CwAA/pics-for-bg/pic-21.jpg

54.39.22.228

200 OK

42 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-21.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
42 kB (42527 bytes)
Hash
e6a3be4dec34551954b50f114077dd0d
8f36c2e887e8a4170528ec359b51715836e71353
603d038db14b1e0bb35ebc48e8144d17c1d9a5d261bf5414cd2cf7ea77337c57

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-21.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 42527
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-a61f"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-22.jpg

54.39.22.228

200 OK

54 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-22.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
54 kB (53879 bytes)
Hash
62a2ff40f30e4fe6a689298d987549e1
14e60f6736e93549c767bdc27aeeae7061dc3991
7067e6c93aab43f6d10f69f4be841036419ed65fa025d2cbf62abe45b783b0b1

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-22.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 53879
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d277"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/3-1.png

54.39.22.228

200 OK

480 B

URL HTTP/2
her-cupid.com/static/CwAA/3-1.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
480 B (480 bytes)
Hash
37ad09484eb1a7e103c1bba69ec3408d
950c14767d959c154d2ba2ceaa7867b8809731e5
1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2

HTTP Headers

GET /static/CwAA/3-1.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://her-cupid.com/static/CwAA/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/png
content-length: 480
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-1e0"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/3-2.png

54.39.22.228

200 OK

535 B

URL HTTP/2
her-cupid.com/static/CwAA/3-2.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
535 B (535 bytes)
Hash
7621845db78d7540608060c63a721252
b24bca5f9e3ca0daf6f0f4822d66febc5c65d169
5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1

HTTP Headers

GET /static/CwAA/3-2.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://her-cupid.com/static/CwAA/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/png
content-length: 535
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-217"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-16.jpg

54.39.22.228

200 OK

45 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-16.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
45 kB (44875 bytes)
Hash
24ac863c446ae055175737a63f304206
6dad9e555a4750b540f9757804e1be210362d08b
07add9a7a985365f8831e5f04501bdef8cea86227ebaa46149474969948ceb40

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-16.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 44875
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-af4b"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-23.jpg

54.39.22.228

200 OK

54 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-23.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
54 kB (54527 bytes)
Hash
305c9be3df92bc9ee5d4115629c5ad8c
5cec66d98bcbca3dcf5a4c0227ec795d631d04da
65cb2c84af57882a7394295d8bfef3149dec2aadf873be01cc5db6a415ec9aab

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-23.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 54527
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d4ff"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-25.jpg

54.39.22.228

200 OK

44 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-25.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
44 kB (43558 bytes)
Hash
0c8398d5d3a2293bec58febb89ee6477
0323bbe1f567b309c329190eab457692485e44f5
8e5492174e33b6be299176a4329971092886392c66736ee656d8b0aba57dc544

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-25.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 43558
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-aa26"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-4.jpg

54.39.22.228

200 OK

55 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-4.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
55 kB (55031 bytes)
Hash
fa01fa59dbac8ca19bec2ea30b450486
c1d9b772a96e40adf02900f244f11cec1e48a473
ae1520feca162e3c50842ca5d42a91e94b79d77932a127241da21f789542b765

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-4.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 55031
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-d6f7"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-6.jpg

54.39.22.228

200 OK

50 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-6.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
50 kB (49563 bytes)
Hash
00fc610b7933ded2593af9378c4c8379
a3a920071f0f794f6967b738758918b889fdfd6e
605996ed01380c0d76d395e65e901b14414eac8936e83dbe373cf57dd9463613

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-6.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 49563
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-c19b"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-28.jpg

54.39.22.228

200 OK

44 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-28.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
44 kB (43858 bytes)
Hash
b7a5bec57ebcd2b40491c5cc6ddd6609
2efc068fe606ed088deac615c13500790e1e341b
4c8da6f18010f5fa87e2342bc7d0f0caef4d10dc516a4af19002d1847630957c

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-28.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 43858
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-ab52"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-8.jpg

54.39.22.228

200 OK

39 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-8.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
39 kB (39107 bytes)
Hash
d826b4f3a7fa924e8c571d046d1fc762
ac4c5a58d67d9a412541517c23dfca55a2f565c2
d934f9611bf8239c4ca30c4fd5401071db4843b09d658d8cb39fd5445739d879

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-8.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 39107
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-98c3"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-10.jpg

54.39.22.228

200 OK

51 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-10.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
51 kB (50780 bytes)
Hash
e56961a7f01f44e3bbc9fc03dbcf2ac0
f935d9fc22696e47d78ca9d6f015969633591489
35739ae651a2091be2c373a2e3d2c86bd4583f5fd3ad96067fb1f8002ab9850d

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-10.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 50780
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-c65c"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/pics-for-bg/pic-11.jpg

54.39.22.228

200 OK

67 kB

URL HTTP/2
her-cupid.com/static/CwAA/pics-for-bg/pic-11.jpg
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 430x430, components 3\012- data
Size
67 kB (67396 bytes)
Hash
d58b0f92664a000a7b26f867e37827fb
9f3e1d61b9a6493aa6d35f8c2616a42a477e27ee
ca19a82e654964824c109d8081b5defe1be25eda46c9ae828d97474b905d7f6c

HTTP Headers

GET /static/CwAA/pics-for-bg/pic-11.jpg HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: image/jpeg
content-length: 67396
last-modified: Tue, 08 Sep 2020 07:47:27 GMT
etag: "5f57370f-10744"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
d6045b68aef048808c3ad1a61a6c2d93
f497faecbceb2b67553dfa16c728c3c90975e756
549c5751efaacaa5fdafd9c81d15f6d0d9d0c8febb3894ff9e252b8afdbf46d3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5571
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:06 GMT
Last-Modified: Thu, 08 Dec 2022 07:45:15 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314

her-cupid.com/static/CwAA/favicon-150x150.png

54.39.22.228

200 OK

7.0 kB

URL HTTP/2
her-cupid.com/static/CwAA/favicon-150x150.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
7.0 kB (7017 bytes)
Hash
f19d6f44b496c9dedce8b96bd0f5f829
c887ac358a0c8d6979f8b67013954aa8cf4ab1c8
97a873b3ce2ab69cc38287181a190dcd90c09869c0901b5d75e8461f628bef78

HTTP Headers

GET /static/CwAA/favicon-150x150.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:06 GMT
content-type: image/png
content-length: 7017
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-1b69"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

her-cupid.com/static/CwAA/favicon-16x16.png

54.39.22.228

200 OK

1.3 kB

URL HTTP/2
her-cupid.com/static/CwAA/favicon-16x16.png
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1264 bytes)
Hash
fa61744c0140328a533d26bc93753134
ea2b1d32e78280d8207a32aa6214263db134123e
2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97

HTTP Headers

GET /static/CwAA/favicon-16x16.png HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 09:18:06 GMT
content-type: image/png
content-length: 1264
last-modified: Tue, 08 Sep 2020 06:37:56 GMT
etag: "5f5726c4-4f0"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
79139a6fe831048775c2201bd3d4157f
f6c5327658a7691159f925d8469472a59d6613c1
3e79317a573abf66517c8a1d15887ca2ecfba8c82c32506153ebd3dc93119c19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E79317A573ABF66517C8A1D15887CA2ECFBA8C82C32506153EBD3DC93119C19"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5653
Expires: Thu, 08 Dec 2022 10:52:19 GMT
Date: Thu, 08 Dec 2022 09:18:06 GMT
Connection: keep-alive

pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

301 Moved Permanently

166 B

URL HTTP/2
pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: openresty
date: Thu, 08 Dec 2022 09:18:06 GMT
content-type: text/html
content-length: 166
location: https://www.pornhub.com/video/manage?o=mr&t=pr2
x-frame-options: SAMEORIGIN
rating: RTA-5042-1996-1400-1577-RTA
set-cookie: __s=6391ABCE-42FE722901BB5162-4A031915; Secure; Samesite=None
__l=6391ABCE-42FE722901BB5162-4A031915; Secure; Samesite=None; Max-Age=31556926
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6391ABCE-42FE722901BB5162-4A031915
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
712ea01214a0476ba7095a06fac49e38
896f5d17dc31ee2c3e3103ad0ffedf3b4f903e2d
fe62d700699e474f3faf032985e5114fa822016f16b161282a3a0b6799ec888e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:18:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 19:48:09 GMT
Expires: Tue, 13 Dec 2022 19:48:08 GMT
Etag: "896f5d17dc31ee2c3e3103ad0ffedf3b4f903e2d"
Cache-Control: max-age=469201,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77646968de29b515-OSL

app.api-push.com/get-keys

172.64.162.28

200 OK

798 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (1940), with no line terminators
Size
798 B (798 bytes)
Hash
b52b97526680e174c333ef573ae186f3
9b6ab438f58765ee216d7a5c4eeee191d7ec358b
e36d05bc1c6c4d4e5eba2c1a9b1db525f7b8c2a88485aab44e5af076e77a23e2

HTTP Headers

POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 137
Origin: http://her-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:06 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtGYPC5uRHYA2yU8gzwpJg3cARslB420iVmSXMTRxYn5JL6Xklz33am%2BYnrN0rha5XWbSRmjnKkoHSk6IjH61QbeFtHLxEIDkXtThLvGFF3Ppqa1FAxBmqP6j3oSNde4PKhV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646966ef5276fc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.pornhubpremium.com/premium/login?redirect=cZQgchChxwRnk1hrI0RQBT8UT6iU3HnnLD8V9LolH8oaj5XP-OZ5DjeNFKzSbUes

66.254.114.33

200 OK

7.8 kB

URL HTTP/1.1
www.pornhubpremium.com/premium/login?redirect=cZQgchChxwRnk1hrI0RQBT8UT6iU3HnnLD8V9LolH8oaj5XP-OZ5DjeNFKzSbUes
IP
66.254.114.33:0
ASN
#29789 REFLECTED

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404)
Size
7.8 kB (7795 bytes)
Hash
da8a7739a89f53c4e8a849ecc53d864d
09ecef9af25c056bfcbebd4de55615d89d2a889f
6e6705f7302a75b1d023343d6604c567e8b43ce1b8ee593e870cd8576cf0dc19

HTTP Headers

GET /premium/login?redirect=cZQgchChxwRnk1hrI0RQBT8UT6iU3HnnLD8V9LolH8oaj5XP-OZ5DjeNFKzSbUes HTTP/1.1
Host: www.pornhubpremium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bs=thzv3p8j08noijz7sd4j7yjvos996n5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: openresty
date: Thu, 08 Dec 2022 09:18:06 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Fri, 09-Dec-2022 09:18:06 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Thu, 15-Dec-2022 09:18:06 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
ss=806876283069195351; expires=Fri, 08-Dec-2023 09:18:06 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
fg_0d2ec4cbd943df07ec161982a603817e=56851.100000; expires=Sat, 07-Jan-2023 09:18:06 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure
ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Sat, 07-Jan-2023 09:18:06 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6391ABCE-42FE722101BBDB80-4CB3F230

www.xvideos.com/favorite/90902157/mk_1123

185.88.181.11

404 Not Found

26 kB

URL HTTP/1.1
www.xvideos.com/favorite/90902157/mk_1123
IP
185.88.181.11:0
ASN
#46652 SERVERSTACK-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8638)
Size
26 kB (25803 bytes)
Hash
7474d5b202029e16b26082b13d33ecfc
452926dbe978573d306e6cf00b71a43bac66bc13
2e19c00a3da86671f7865f3a52bfbe91cd25524c0be9f14b1f86053afff798cc

HTTP Headers

GET /favorite/90902157/mk_1123 HTTP/1.1
Host: www.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 09:18:06 GMT
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com *.trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com *.addthis.com *.addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ *.hwcdn.net fcm.googleapis.com *.nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com *.googleapis.com *.cdn77.org *.pingdom.net *.exoclick.com *.exosrv.com *.realsrv.com *.orbsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net *.adtng.com *.adglare.net adinvent.engine.adglare.net *.bngpt.com bngpt.com *.trafficjunky.net *.ohmybutt.com *.flirt4free.com *.xlovecam.com *.wlresources.com *.medleyads.com *.cams.com *.acdn5165543.com *.protoawe.com *.google-analytics.com livejasmin.com *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com *.promo-bc.com *.bongacams.com *.bongacash.com *.gammae.com *.servingmillions.com *.super-route.com cdn01.flashmediaportal.com engine.asf4f.us *.htdvt.com *.jerkmate.com *.vfgtb.com *.hytxg2.com *.awemdia.com *.cfgr3.com *.ajxx98.online *.sf4f.us *.adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com *.smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com *.bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com *.xxxjmp.com *.feelpornx.com *.crjugate.com *.hqscene.com *.xlviirdr.com adulttime.xxx *.adulttime.xxx *.javhd.com *.doppiocdn.com *.videosworks.com xlivrdr.com *.xlivrdr.com *.servetraff.com *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.hwcdn.net *.trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com *.vscdns.com *.doubleclick.net *.google.fr *.google.com *.exoclick.com *.exosrv.com *.realsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net bmedia.justservingfiles.net;
Referrer-Policy: no-referrer-when-downgrade
Set-Cookie: session_token=9d7447107c3eca17BJadm3JpnwOL0Rabe6lq1lxOrFQkPhSaO0ZhZpCxPBH4Ebc3x5Koe_CjTg1jshyeodpE66C9YhW8wPSS1MythnqjjDhEP8w8u8ylnhV5Vfoc9ZQHoSJQwX7-7S9Z-XcJMFiRVeKRBnUgnNVhvQOJYNkvaxt_p82ylSoSjIHeKMOHyJHP-2hLjWhu9d5CuLcl; expires=Sat, 07-Jan-2023 09:18:06 GMT; Max-Age=2592000; path=/; domain=.xvideos.com
_ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: nginx

her-cupid.com/user-id?nbl=&impression=&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=http%3A%2F%2Fher-cupid.com%2FDgAA%2F10064%2Fhrm&search=&contactExists=false

54.39.22.228

200 OK

38 B

URL HTTP/1.1
her-cupid.com/user-id?nbl=&impression=&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=http%3A%2F%2Fher-cupid.com%2FDgAA%2F10064%2Fhrm&search=&contactExists=false
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
JSON data\012- , ASCII text, with no line terminators
Size
38 B (38 bytes)
Hash
bb2779854c6ea0314a27000263ff3cfc
7a0de08a6e6afc9fe300c93b1b35c882a8b2f342
d872e1fd9f52448fca5c04b3c16493a19012f91d98e6a0386419248f8585cfd7

HTTP Headers

GET /user-id?nbl=&impression=&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=http%3A%2F%2Fher-cupid.com%2FDgAA%2F10064%2Fhrm&search=&contactExists=false HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: slappInfo64_null=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOm51bGwsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cDovL2hlci1jdXBpZC5jb20vRGdBQS8xMDA2NC9ocm0iLCJzZWFyY2giOiIiLCJjb250YWN0RXhpc3RzIjpmYWxzZSwiZXZlbnQiOiJsb2FkIn0=

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 08 Dec 2022 09:18:06 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: userid=4b084fe4db5a805ebe6d516d6d108aa974d5c8e6020413f1eaf050bb230d1389a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A277676702088%3B%7D; expires=Sat, 09-Dec-2023 05:34:46 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax
Access-Control-Allow-Origin: *

her-cupid.com/stats

54.39.22.228

404 Not Found

43 B

URL HTTP/1.1
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
43 B (43 bytes)
Hash
384ca34aa16dc6ce293be59be14debee
8e534edfbebe4b1a7021bd042dafb9bb724653fe
3452525005a4a39d8f274e312a7a28b6c081bd6d68b5ccce3b1bedd2721b79ea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 264
Origin: http://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_null=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOm51bGwsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cDovL2hlci1jdXBpZC5jb20vRGdBQS8xMDA2NC9ocm0iLCJzZWFyY2giOiIiLCJjb250YWN0RXhpc3RzIjpmYWxzZSwiZXZlbnQiOiJsb2FkIiwiZGF0YSI6eyJyZXNwb25zZVN0YXJ0Ijo1NDYsImRvbUludGVyYWN0aXZlIjoxMTY1LCJkb21Db21wbGV0ZSI6MTU2MX19

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 08 Dec 2022 09:18:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip

her-cupid.com/stats

54.39.22.228

404 Not Found

43 B

URL HTTP/1.1
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
43 B (43 bytes)
Hash
384ca34aa16dc6ce293be59be14debee
8e534edfbebe4b1a7021bd042dafb9bb724653fe
3452525005a4a39d8f274e312a7a28b6c081bd6d68b5ccce3b1bedd2721b79ea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 201
Origin: http://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_null=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOm51bGwsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cDovL2hlci1jdXBpZC5jb20vRGdBQS8xMDA2NC9ocm0iLCJzZWFyY2giOiIiLCJjb250YWN0RXhpc3RzIjpmYWxzZSwiZXZlbnQiOiJleHRzZXMiLCJkYXRhIjp7InBocCI6ImZhbHNlIn19

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 08 Dec 2022 09:18:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip

her-cupid.com/stats

54.39.22.228

404 Not Found

43 B

URL HTTP/1.1
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
43 B (43 bytes)
Hash
384ca34aa16dc6ce293be59be14debee
8e534edfbebe4b1a7021bd042dafb9bb724653fe
3452525005a4a39d8f274e312a7a28b6c081bd6d68b5ccce3b1bedd2721b79ea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: http://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_null=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOm51bGwsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cDovL2hlci1jdXBpZC5jb20vRGdBQS8xMDA2NC9ocm0iLCJzZWFyY2giOiIiLCJjb250YWN0RXhpc3RzIjpmYWxzZSwiZXZlbnQiOiJleHRzZXMiLCJkYXRhIjp7InBoIjoiZmFsc2UifSwibHVpZCI6Mjc3Njc2NzAyMDg4fQ==; userid=4b084fe4db5a805ebe6d516d6d108aa974d5c8e6020413f1eaf050bb230d1389a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A277676702088%3B%7D

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 08 Dec 2022 09:18:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip

her-cupid.com/stats

54.39.22.228

404 Not Found

43 B

URL HTTP/1.1
her-cupid.com/stats
IP
54.39.22.228:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
43 B (43 bytes)
Hash
384ca34aa16dc6ce293be59be14debee
8e534edfbebe4b1a7021bd042dafb9bb724653fe
3452525005a4a39d8f274e312a7a28b6c081bd6d68b5ccce3b1bedd2721b79ea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /stats HTTP/1.1
Host: her-cupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 202
Origin: http://her-cupid.com
Connection: keep-alive
Cookie: slappInfo64_null=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOm51bGwsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cDovL2hlci1jdXBpZC5jb20vRGdBQS8xMDA2NC9ocm0iLCJzZWFyY2giOiIiLCJjb250YWN0RXhpc3RzIjpmYWxzZSwiZXZlbnQiOiJleHRzZXMiLCJkYXRhIjp7Inh2aWQiOiJmYWxzZSJ9fQ==

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 08 Dec 2022 09:18:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4382
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 09:18:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4382
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 09:18:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4382
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 09:18:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4382
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 09:18:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4382
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 09:18:07 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6110 bytes)
Hash
fb1ea0161d261518c99909aff49e6f58
c3b915cb579b651db25442fea0bbedd0d292c0fc
d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6110
x-amzn-requestid: ddb5c208-5bfe-4e8c-9fdd-55076fac9eb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czg9FGl2IAMFxYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63914853-148fec9213f360520ff3c52a;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 02:13:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: l8PbqnzJrf0uHiLE9iy5PSfKl8f4520ddTxkji7GyUyAWuX9Sc4U0w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 04:20:38 GMT
age: 17849
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10164 bytes)
Hash
3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:11:17 GMT
age: 76010
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8179 bytes)
Hash
311cb4353566dfb426dbc692fde93223
979910df445a5c4d3513c8c25e289800335f646d
5ecd5c12620c0b8b6bbf456cb6c016168479a735f4eb67a9a1047677b9d798fb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8179
x-amzn-requestid: 39aa4016-4f48-4d2a-b94b-05432980d66a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czCruHckIAMFkHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639117e4-1953985a5c8d2da8239ec8e8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKaRX4QpQU2U8J-jk1lWjhAooObsgxfHuNXv5Bbc69IEMCXAyIESeQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:50:01 GMT
age: 37686
etag: "979910df445a5c4d3513c8c25e289800335f646d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13556 bytes)
Hash
57a992ab666f21c6da0057fefb622ff2
c36381d6744ae44360b2a37ca7586028e980714b
afe4050d9b07dcab509c95eb8d75ca410db74bd59f39561e5d190550cb61503e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13556
x-amzn-requestid: 3e79e2da-80ea-404c-8d87-939c7682dbe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4h8EuUIAMFkIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a5-68318f164708882a43fb0f12;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7RZTh3iQHGp_XffXQQw13UUWqPNZQFJ_e4pIvNPgAaA1aGy_cXMueA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "c36381d6744ae44360b2a37ca7586028e980714b"
content-type: image/jpeg
age: 39883
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8659 bytes)
Hash
b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 34955
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5620 bytes)
Hash
ce35df4fe4f77c950e40dc44b311bab4
aadf97d040e3577599581e892ee20f88d191bf91
f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5620
x-amzn-requestid: fadda084-c7fc-4ec0-bad0-27e97b8349d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gHGIMIAMFy_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-5dc824963fe82ab927205128;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MWB80hrfUMDjexNsySVGMXtm6Wva4t1gkJXaesFKRaGSkFS1r1zIrw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
age: 39883
etag: "aadf97d040e3577599581e892ee20f88d191bf91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9058 bytes)
Hash
f0c8a8dbe6c3ae6eaa2e464296708f5c
98556b27bc3759d0ceb8200ff5bc7b9567e428a5
bfc64a0e18c0137360f746eca256f464e26d23a04521ea629c46ae50ea6af173

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 1f7fdd3d-1e65-46f7-8ef2-d164bf81e72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz4FtuIAMFjsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-4866b3fd61fdb35d34317038;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6ET1Tfo1QXRpjkWyOE7jfYnWToK8h7ojB31efNc09awacwlCIYEPjA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:19:28 GMT
age: 7125
etag: "98556b27bc3759d0ceb8200ff5bc7b9567e428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

302 Found

0 B

URL HTTP/2
www.pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Thu, 08 Dec 2022 09:18:06 GMT
content-type: text/html; charset=UTF-8
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Fri, 09-Dec-2022 09:18:06 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure
platform=pc; expires=Thu, 15-Dec-2022 09:18:06 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
bs=ezps5bru55oe6wm5imom2rlepf2isvv7; expires=Sun, 05-Dec-2032 09:18:06 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None
ss=401215900530232352; expires=Fri, 08-Dec-2023 09:18:06 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=47196.100000; expires=Sat, 07-Jan-2023 09:18:06 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=6391ABCE-42FE722901BB5162-4A03197A; Secure; Samesite=None
__l=6391ABCE-42FE722901BB5162-4A03197A; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1041
location: /login
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6391ABCE-42FE722901BB5162-4A03197A
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Oswald:700

142.250.74.138

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Oswald:700
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Oswald:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 09:18:05 GMT
date: Thu, 08 Dec 2022 09:18:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:100,400,700,900

142.250.74.138

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:100,400,700,900
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat:100,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 09:18:05 GMT
date: Thu, 08 Dec 2022 09:18:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdnjam.com/cdn/push.min.js

188.114.96.1

200 OK

0 B

URL HTTP/2
cdnjam.com/cdn/push.min.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn/push.min.js HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:05 GMT
content-type: application/x-javascript
content-security-policy: block-all-mixed-content
etag: W/"44c9e373bc246e347c8420a2eb8f54d4"
last-modified: Mon, 06 Jun 2022 20:30:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F62D8C82243EE0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 2417
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRJVaD0gIj4xXw%2BPihm4VIVhTrO84UrmDVG3nwpECPhPRT5lHjebWB%2BX3r5ZQeKcx1Wpxkr9J2ipX5WZH6KgY6kUsRiuN4fUGF91W1oMWxXuBCqZ3VGnMxTUr306"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7764696348b30b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations