urlquery - report: dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix@slurpmail.net&sub1=clear

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
fonts.googleapis.com (1)	8877	2013-06-10 20:14:26 UTC	2022-11-28 16:39:41 UTC	142.250.74.10
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
lh3.google.com (1)	213	2013-06-02 21:16:56 UTC	2020-05-01 19:11:57 UTC	142.250.74.142
accounts.google.com (2)	81	2016-09-05 09:39:47 UTC	2022-11-28 21:41:03 UTC	216.58.207.237
www2.dateexotic.com (1)	0	2022-11-09 12:59:30 UTC	2022-11-28 21:25:08 UTC	104.21.34.109	Unknown ranking
cdnjam.com (1)	204001	2021-02-18 07:53:51 UTC	2022-11-28 21:52:44 UTC	104.21.58.242
ajax.googleapis.com (1)	12905	2013-08-16 09:51:31 UTC	2022-11-28 20:22:57 UTC	142.250.74.74
app.api-push.com (2)	307671	2021-12-06 12:20:56 UTC	2022-11-28 21:52:44 UTC	172.64.139.29
fonts.gstatic.com (2)	0	2014-09-09 00:40:21 UTC	2022-11-28 23:28:37 UTC	216.58.207.195	Domain (gstatic.com) ranked at: 540
www.facebook.com (1)	99	2012-05-21 00:23:41 UTC	2021-06-08 06:38:51 UTC	31.13.72.36
www.pornhubpremium.com (1)	142013	2014-02-24 07:26:05 UTC	2020-04-11 12:46:17 UTC	66.254.114.33
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-28 05:53:26 UTC	34.117.237.239
alexatracker.com (1)	0	2020-10-28 18:44:06 UTC	2022-11-29 03:11:05 UTC	172.67.204.112	Unknown ranking
o65532.ingest.sentry.io (1)	747982	2022-06-02 01:41:52 UTC	2022-11-28 21:52:44 UTC	34.120.195.249
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-28 05:55:58 UTC	34.102.187.140
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	54.71.202.2
her-cupid.com (9)	698724	2021-08-09 12:54:36 UTC	2022-11-29 00:00:19 UTC	54.39.22.228
pornhub.com (1)	4903	2012-05-22 01:01:29 UTC	2022-11-28 21:52:45 UTC	66.254.114.41
www.pornhub.com (2)	10781	2012-05-21 06:55:53 UTC	2020-05-05 12:49:23 UTC	66.254.114.41
ocsp.digicert.com (6)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
e1.o.lencr.org (2)	6159	No data	No data	23.36.76.226
ocsp.pki.goog (13)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.35
js.sentry-cdn.com (1)	5259	2018-07-13 11:42:06 UTC	2022-11-29 01:50:26 UTC	151.101.2.217
ocsp.sectigo.com (1)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	172.64.155.188
dateexotic.com (3)	0	2020-10-21 10:51:18 UTC	2022-11-28 14:52:54 UTC	172.67.159.164	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
r3.o.lencr.org (8)	344	No data	No data	23.36.77.32
www.xvideos.com (1)	11464	2012-05-21 18:29:12 UTC	2020-03-18 14:38:47 UTC	185.88.181.8

Scan Date	Severity	Indicator	Comment
2022-11-29	2	dateexotic.com/static/js/build/bd.js	Phishing
2022-11-29	2	her-cupid.com/stats	Phishing

Date	UQ / IDS / BL	URL	IP
2023-01-31 11:04:43 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2phgvpv1csk2i&email= (...)	172.67.159.164
2023-01-31 08:08:53 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2p9471t1crtqn&email= (...)	172.67.159.164
2023-01-25 05:46:59 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2ph056j1b5lnr&email= (...)	172.67.159.164
2023-01-22 17:57:37 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2p9471t1bk9i0&email= (...)	172.67.159.164
2023-01-21 10:56:18 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2rtplj01bavpv&email= (...)	172.67.159.164

Date	UQ / IDS / BL	URL	IP
2023-02-03 09:22:10 +0000	0 - 0 - 2	fintechtds.com/CVHGv137	188.114.97.1
2023-02-03 09:21:41 +0000	0 - 1 - 0	nitroflare.com/view/78A564ED5D76056/Internati (...)	104.31.16.3
2023-02-03 09:21:19 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/76812005912923 (...)	162.159.129.233
2023-02-03 09:21:04 +0000	0 - 1 - 0	www.regjeringen.no/contentassets/5bf0d0ed9f74 (...)	104.18.2.141
2023-02-03 09:20:20 +0000	0 - 0 - 5	smna0tdjhc63dc4facd8b7b.rihann.ru/Mam9yZGFuQG (...)	188.114.96.1

Date	UQ / IDS / BL	URL	IP
2023-01-31 11:04:43 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2phgvpv1csk2i&email= (...)	172.67.159.164
2023-01-31 08:08:53 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2p9471t1crtqn&email= (...)	172.67.159.164
2023-01-28 13:15:38 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=sr2f6b1ch1ln&email=s (...)	104.21.34.109
2023-01-25 05:46:59 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2ph056j1b5lnr&email= (...)	172.67.159.164
2023-01-23 06:31:47 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=3qd0rml1bnbp8&email= (...)	104.21.34.109

Date	UQ / IDS / BL	URL	IP
2023-01-19 07:55:21 +0000	0 - 0 - 3	froiser.com/chevachie/3540084345/heliolatry/e (...)	185.229.181.62
2023-01-18 12:56:22 +0000	0 - 7 - 3	qustaust.ga/animastic/3877755438/pondfish/med (...)	46.150.26.8
2023-01-18 10:53:51 +0000	0 - 2 - 4	farsthac.cf/anacamptically/3839485193/epiphys (...)	46.150.29.240
2023-01-17 12:23:55 +0000	0 - 0 - 3	dateexotic.com/agEA?usid=b0eglg1ajg7i&email=p (...)	104.21.34.109
2023-01-15 13:14:46 +0000	0 - 1 - 3	vz8h75os12test3.joibosfuncsibbizu.cf/TSKtBH6B (...)	146.190.75.35

Request	Response
GET /agEA?usid=3ovl99t13l7sj&email=felix@slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix@slur (...) FQDN: dateexotic.com IP: 172.67.159.164 HASH: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0 172.67.159.164 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 29 Nov 2022 06:15:01 GMT Transfer-Encoding: chunked Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONPL%2B6lJwRZ87%2BzklriICfu4e3JCs3aVWBfpKs5ZvRN6LY9ISU5OkZ8dkXHjmA1x8sTNVWHGHWkzKYQ15KxGvtm72n98MVEYhheJ8yBB%2FbKAHmJxY%2ByvRWgDv6nZxmfFMg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771934dbaf9bb50b-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 907 Md5: f644572248ce42c31779d65845c95277 Sha1: 6963b52cff901ae5ce3eb250820dcaef46cc9388 Sha256: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6498 Expires: Tue, 29 Nov 2022 08:03:19 GMT Date: Tue, 29 Nov 2022 06:15:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a5daf4dc99951793ae2315d4795e8146 Sha1: 4427507ca4d3a5632cc8f598afbc85e2195d00bd Sha256: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4406 Cache-Control: 'max-age=158059' Date: Tue, 29 Nov 2022 06:15:01 GMT Last-Modified: Tue, 29 Nov 2022 05:01:36 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 9408cc0694fcbea57966c3a3ba906092 Sha1: fddcee1fdcf3209298e41a4b1b5560357fa165f0 Sha256: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12117 Expires: Tue, 29 Nov 2022 09:36:59 GMT Date: Tue, 29 Nov 2022 06:15:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6d9d34c96b9a826ae5676640c966469c Sha1: 8052a16d41a637e420478b7de1ff5a2dc951fccd Sha256: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 29 Nov 2022 05:17:52 GMT cache-control: public,max-age=3600 age: 3430 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 6aM4i2G2Bicbm71a5Wvs7xfcaSNLInGvQGQCKVBeP/z/60s/o7EgLb/M0x8xSAZDYdLL2DaQxMc= x-amz-request-id: P4S52X8B6GFMF7RX content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 29 Nov 2022 05:45:20 GMT age: 1782 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /static/js/build/bd.js HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix@slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj	URL: dateexotic.com/static/js/build/bd.js FQDN: dateexotic.com IP: 172.67.159.164 HASH: f33bcea37e8bb80f4a054283ec3fee0a4d40929979ff0e1f7b5b67f04c5b7649 172.67.159.164 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Date: Tue, 29 Nov 2022 06:15:02 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Ray: 771934de0a41b50b-OSL Age: 15325 ETag: W/"static/js/build/bd.3ad9d77bdd.js" Vary: Accept-Encoding CF-Cache-Status: HIT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DBOmX9LwH9hlZoBRzfaxktCRRlZJg2TuU6O5SC7zWZoghQ6NYjGcuAlyCt%2BRwGdrHgO0%2F4mx%2Buy7%2FbelBqmHZOCpEszukotbPqvKqIJ%2FmlWkmcApRZWa6DeK7iXhrl%2B5w%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (8033) Size: 3566 Md5: cfed7ea7fab839427d802070c1a7c3a8 Sha1: e2bb93dbb83ed6edf4563709e395bf1747d16979 Sha256: f33bcea37e8bb80f4a054283ec3fee0a4d40929979ff0e1f7b5b67f04c5b7649 Alerts: Blocklists: - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 29 Nov 2022 06:15:02 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: cb8f23c5dd13bbbae1790d52078a6d91bb554fa1dd0affaf57a043f9a5ee7476 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "CB8F23C5DD13BBBAE1790D52078A6D91BB554FA1DD0AFFAF57A043F9A5EE7476" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16733 Expires: Tue, 29 Nov 2022 10:53:55 GMT Date: Tue, 29 Nov 2022 06:15:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: bdc61008a8346add5bdf318110268996 Sha1: af94755b7e04b467ec712148e18d35c953e32c4b Sha256: cb8f23c5dd13bbbae1790d52078a6d91bb554fa1dd0affaf57a043f9a5ee7476
GET /favicon.ico HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix@slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj	URL: dateexotic.com/favicon.ico FQDN: dateexotic.com IP: 172.67.159.164 HASH: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4 172.67.159.164 HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 29 Nov 2022 06:15:02 GMT Content-Length: 47 Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drtD7y%2BmQLL10tZGRdX24yykhyQHO6Zb3TlFqgKvXcPG9%2FJAIHnQpZce6lhlgOt7tyXx3XYve8q2tRjTRTLvX%2Bt95twzCG8EokOPwZK6jY5HkAMBZn6LHPRTb826WyWOAw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771934df4b51b50b-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 47 Md5: 2f3ca1d38e8b18ef00c4a0eff0889cfc Sha1: 2f28ed1ccf7c08cf22491757fe20385249db162e Sha256: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 29 Nov 2022 06:11:13 GMT cache-control: public,max-age=3600 age: 229 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5770 Cache-Control: max-age=102483 Date: Tue, 29 Nov 2022 06:15:02 GMT Etag: "63847a2f-1d7" Expires: Wed, 30 Nov 2022 10:43:05 GMT Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 7ab2ef968cb6a3078f4b9cb2dda813d4 Sha1: e669116047ca058a2c1b2999ff0ea8682719162c Sha256: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: cb8f23c5dd13bbbae1790d52078a6d91bb554fa1dd0affaf57a043f9a5ee7476 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "CB8F23C5DD13BBBAE1790D52078A6D91BB554FA1DD0AFFAF57A043F9A5EE7476" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16733 Expires: Tue, 29 Nov 2022 10:53:55 GMT Date: Tue, 29 Nov 2022 06:15:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: bdc61008a8346add5bdf318110268996 Sha1: af94755b7e04b467ec712148e18d35c953e32c4b Sha256: cb8f23c5dd13bbbae1790d52078a6d91bb554fa1dd0affaf57a043f9a5ee7476
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: d01d2f10d6c370eb68cc8bebf7f7a5d282b1abe59e089c758d917dfb4ebe827f 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:02 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: d5fcee7c27f9d0c87276be2c3411fe55 Sha1: 9a857691d56baf4ec5c9346c1d80cda18d4be034 Sha256: d01d2f10d6c370eb68cc8bebf7f7a5d282b1abe59e089c758d917dfb4ebe827f
GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0zb3ZsOTl0MTNsN3NqJmVtYWlsPWZlbGl4JTQwc2x1cnBtYWlsLm5ldCZzdWIxPWNsZWFyX21haW4mcHJpZD0zb3ZsOTl0MTNsN3NqJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=a1d624537a47e88c03b1f240dba3401b HTTP/1.1 Host: alexatracker.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29 (...) FQDN: alexatracker.com IP: 172.67.204.112 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.67.204.112 HTTP/2 301 Moved Permanently date: Tue, 29 Nov 2022 06:15:02 GMT content-length: 0 location: https://www2.dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix%40slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=3767906554830234470&c=838369804 set-cookie: trbarid=3767906554830234470;expires=Thu, 28 Nov 2024 06:15:02 GMT;secure;HttpOnly;SameSite=None;path=/ report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPV2gvKHeZofiAYrehse19RIzj1haAqybRvQvAcRBHfyBrMDJu1sdFTuTdwrg6rCS9VxSIJ5mf%2B4TtBaTCoJmT66ZtF3SFxstc9fvSuCbZrOAO0CQARIDtnijO74Eo56yRKW"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 771934e2ca06b4ff-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /agEA?usid=3ovl99t13l7sj&email=felix%40slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1 Host: www2.dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://dateexotic.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www2.dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix (...) FQDN: www2.dateexotic.com IP: 104.21.34.109 HASH: d01d2f10d6c370eb68cc8bebf7f7a5d282b1abe59e089c758d917dfb4ebe827f 104.21.34.109 HTTP/2 302 Found content-type: text/html; charset=UTF-8 date: Tue, 29 Nov 2022 06:15:02 GMT location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0zb3ZsOTl0MTNsN3NqJmVtYWlsPWZlbGl4JTQwc2x1cnBtYWlsLm5ldCZzdWIxPWNsZWFyX21haW4mcHJpZD0zb3ZsOTl0MTNsN3NqJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=a1d624537a47e88c03b1f240dba3401b access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvgY5EYEOMiYJuLrPRIsrHKbk6MNdM1J%2BlegDxtgv541mTZEpjGU%2Ft8yONLJ4Pv%2BHiYo%2BFW53VFchydok15kHJSCmNkLLHucRIaAg9gJPfYoIpSX%2FE7N1BwdPWiKI4dFp%2FSUi7v%2F"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 771934deee6db511-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 471 Md5: d5fcee7c27f9d0c87276be2c3411fe55 Sha1: 9a857691d56baf4ec5c9346c1d80cda18d4be034 Sha256: d01d2f10d6c370eb68cc8bebf7f7a5d282b1abe59e089c758d917dfb4ebe827f
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: NKJmtMzCc7RrXmLg9C7G2w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.71.202.2 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.71.202.2 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: ReIS6gkSWQwRX/oAW+E/ck6XRIc= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: b264f3e63f403d010f1661ae0498d1ec3212d45142085054a43d1d5ef7779f0e 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B264F3E63F403D010F1661AE0498D1EC3212D45142085054A43D1D5EF7779F0E" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4085 Expires: Tue, 29 Nov 2022 07:23:08 GMT Date: Tue, 29 Nov 2022 06:15:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 32dcaddc3949464535cee46b03cf58d9 Sha1: e3c913dd7c1f8cad36077ae722ff26d7af90fced Sha256: b264f3e63f403d010f1661ae0498d1ec3212d45142085054a43d1d5ef7779f0e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a1eea062f1783d0dbc323c06fbbdf7aee5ac328b1769122a09a0dc72b58e00ea 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2150 Cache-Control: 'max-age=158059' Date: Tue, 29 Nov 2022 06:15:04 GMT Etag: "6384bad1-117" Last-Modified: Tue, 29 Nov 2022 05:39:15 GMT Server: ECS (amb/6BB2) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: c94c6fa6e6eff3ca5e4cb267ee1daaf9 Sha1: fc308136e47c52c697b595c44dce23d260ec43ea Sha256: a1eea062f1783d0dbc323c06fbbdf7aee5ac328b1769122a09a0dc72b58e00ea
GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1 Host: js.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js FQDN: js.sentry-cdn.com IP: 151.101.2.217 HASH: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d 151.101.2.217 HTTP/2 200 OK content-type: text/javascript access-control-allow-origin: * cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 1; mode=block x-envoy-attempt-count: 1 x-envoy-upstream-service-time: 9 content-encoding: gzip accept-ranges: bytes date: Tue, 29 Nov 2022 06:15:04 GMT age: 160 x-served-by: getsentry-web-default-common-production-546cdd455-rpb9p, cache-bma1625-BMA vary: Accept-Encoding timing-allow-origin: https://sentry.io strict-transport-security: max-age=31536000; includeSubDomains content-length: 1021 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (512) Size: 1021 Md5: 3b07f6f3625abf8ad4dafd7b821ad69e Sha1: 304bbec923fc251222f5d8bf87ff13244ac12201 Sha256: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d
GET /static/BAAA/style.css HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/style.css FQDN: her-cupid.com IP: 54.39.22.228 HASH: ae62b02ef2a9f029fe647cb691448e66048fb9f46b876285bb7b9f4df4440d59 54.39.22.228 HTTP/2 200 OK content-type: text/css server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 9025 last-modified: Mon, 04 Mar 2019 12:10:26 GMT etag: "5c7d15b2-2341" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 9025 Md5: 755d944baae809e8d3466ea04f6c05a5 Sha1: 740b6b89b852cde67fd0236b6c6f036bededed61 Sha256: ae62b02ef2a9f029fe647cb691448e66048fb9f46b876285bb7b9f4df4440d59
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js FQDN: ajax.googleapis.com IP: 142.250.74.74 HASH: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f 142.250.74.74 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31021 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 25 Nov 2022 14:19:24 GMT expires: Sat, 25 Nov 2023 14:19:24 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Fri, 08 May 2020 07:05:03 GMT age: 316540 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 31021 Md5: 903bc7a7e510f87aa5d0201eb59a0832 Sha1: ac9aa4dd94cde1bcba9037e94087138b127e41fc Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /css?family=Montserrat:100,400,700,900 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Montserrat:100,400,700,900 FQDN: fonts.googleapis.com IP: 142.250.74.10 HASH: bc2d42bb099239df64e70db8b0109e0483e119bc45eb46ca62dadb6d12d2aeef 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 29 Nov 2022 06:15:04 GMT date: Tue, 29 Nov 2022 06:15:04 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 854 Md5: 90aba2b70530eb24f7caf32c8d5d7da9 Sha1: fc90ac05ca777c4b08a4c715be2605d6975cc0b7 Sha256: bc2d42bb099239df64e70db8b0109e0483e119bc45eb46ca62dadb6d12d2aeef
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
GET /BAAA/10063/oth?i=QOTdP2OFo2c&u=3767906554830234470 HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: her-cupid.com/BAAA/10063/oth?i=QOTdP2OFo2c&u=3767906554 (...) FQDN: her-cupid.com IP: 54.39.22.228 HASH: 932be3d3bfa305d3d7d43b9a6a4ba934b5461dd952f3d8d5489515a6929cb56d 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:03 GMT access-control-allow-origin: * x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (37473), with CRLF, LF line terminators Size: 28339 Md5: 0e6b7351af5fbf6b16f337feff6c6550 Sha1: 169fa6d59d8b63c55207079a541d3bd8d70311fc Sha256: 932be3d3bfa305d3d7d43b9a6a4ba934b5461dd952f3d8d5489515a6929cb56d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 49eee25f3ccd585a29e34e80cf5bb160 Sha1: 73eca8be91deedd049304862759a3d8084c0b07e Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "91A992B7BA3F10613BFB0278120B9962ECB424DB2418C929AC29A9D8D81D4D5F" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8015 Expires: Tue, 29 Nov 2022 08:28:39 GMT Date: Tue, 29 Nov 2022 06:15:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: adaddb1757d7b98e890bec01e610e90c Sha1: 9c6938bcd69b8fa8678719ba815b358399ce2a6b Sha256: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f
OPTIONS /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.139.29 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.64.139.29 HTTP/2 204 No Content date: Tue, 29 Nov 2022 06:15:04 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: content-type strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v694wQlIq1ImBJKpWTA7uGKlO%2BBbN54%2Bj9dKB36OcTTXN5iGLJjoqlFUsF9MHvWCE568khoUC6E2SfCwC8ESuYVUYyDK4W4OPtMfkDUfMYLdSnZkZVvqblg0rh868fuCSg6K"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 771934eb3a2274c9-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 49eee25f3ccd585a29e34e80cf5bb160 Sha1: 73eca8be91deedd049304862759a3d8084c0b07e Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 10172 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 21:20:46 GMT expires: Fri, 24 Nov 2023 21:20:46 GMT cache-control: public, max-age=31536000 age: 377658 last-modified: Mon, 18 Jul 2022 19:23:34 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data Size: 10172 Md5: 58e5c92fd1a1fc89b8ca6d74ce4793b8 Sha1: 337771c465778aeed6de18195e0cbe9d9098d299 Sha256: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 49eee25f3ccd585a29e34e80cf5bb160 Sha1: 73eca8be91deedd049304862759a3d8084c0b07e Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm45 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30928 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 16:40:18 GMT expires: Fri, 24 Nov 2023 16:40:18 GMT cache-control: public, max-age=31536000 age: 394486 last-modified: Mon, 11 Jul 2022 18:57:39 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Size: 30928 Md5: ac0d2859ea5f8fd6bcb3c305c08ec184 Sha1: 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1 HTTP/1.1 Host: o65532.ingest.sentry.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://her-cupid.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://her-cupid.com Content-Length: 426 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: o65532.ingest.sentry.io/api/6161109/envelope/?sentry_ke (...) FQDN: o65532.ingest.sentry.io IP: 34.120.195.249 HASH: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a 34.120.195.249 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 2 access-control-allow-origin: https://her-cupid.com access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after vary: Origin x-envoy-upstream-service-time: 0 strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 2 Md5: 99914b932bd37a50b983c5e7c90ae93b Sha1: bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10648 Expires: Tue, 29 Nov 2022 09:12:32 GMT Date: Tue, 29 Nov 2022 06:15:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 49eee25f3ccd585a29e34e80cf5bb160 Sha1: 73eca8be91deedd049304862759a3d8084c0b07e Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10648 Expires: Tue, 29 Nov 2022 09:12:32 GMT Date: Tue, 29 Nov 2022 06:15:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10176 x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cMo3oHpSoAMF5Qw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 07:38:02 GMT age: 81422 etag: "772d86ad983042a728ee3490630a9cf1134ad0dd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10176 Md5: 03014221d7f49b50ffc2d1b0a0e75457 Sha1: 772d86ad983042a728ee3490630a9cf1134ad0dd Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3905 x-amzn-requestid: bf50db76-dd95-44fc-abbe-1a26a5559ae3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cMFcYHE6IAMFmpA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638182b5-50b6d010058c6cb75c05c6de;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 03:06:29 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: qJi8Y13bwnYMJDH5WYNxMShIEZef1SYGdHsDY8_vJoPzwT0PhPr0hQ== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 07:10:04 GMT age: 83100 etag: "3bbc44cb84a37ce6a067db4301dd81647a77c29f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3905 Md5: 06723cdab42df9b5334f540a8c7ebc60 Sha1: 3bbc44cb84a37ce6a067db4301dd81647a77c29f Sha256: 9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "91A992B7BA3F10613BFB0278120B9962ECB424DB2418C929AC29A9D8D81D4D5F" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8015 Expires: Tue, 29 Nov 2022 08:28:39 GMT Date: Tue, 29 Nov 2022 06:15:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: adaddb1757d7b98e890bec01e610e90c Sha1: 9c6938bcd69b8fa8678719ba815b358399ce2a6b Sha256: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8402 x-amzn-requestid: d2d62f85-b6be-4394-9668-1d913e4120d8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cPYeaGbgoAMFdCA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6382d45c-2b6bfdcc72011cf01ddbd66b;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:08 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 1il1ILDPBUseZWYjae_R0BQhpdyPTqqI0GycCljovgxjqhYezCwxCA== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 04:17:21 GMT age: 7063 etag: "47295f2cf1b039c4b85cbe463d7893671a563989" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8402 Md5: faf3524970b0c3256eb5708f4ccf11ce Sha1: 47295f2cf1b039c4b85cbe463d7893671a563989 Sha256: ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9162 x-amzn-requestid: f7fb3b99-6f1c-4ab3-9547-a337d54e8c9a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cVjI8E9poAMFaQw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63854bd2-0679b83d1aa3b7c71aa6bf1c;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 00:01:22 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: DVS-FTO93p2gjrvMYzKgNjZmrPxmUuiJHWLuZqOMZzJFwEcWJbW35Q== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 00:36:14 GMT etag: "6567069d9f5199205ba1ca7a937fcb0a52f95d06" age: 20330 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9162 Md5: c808183085a429c53515508678fc7ab2 Sha1: 6567069d9f5199205ba1ca7a937fcb0a52f95d06 Sha256: c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9203 x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cHcHmGmQoAMF6dQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 03:49:48 GMT age: 8716 etag: "433061bbb226048765a711deca3026ee3e52372f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9203 Md5: 5d574c4db20a68295dbd06cb08f5990b Sha1: 433061bbb226048765a711deca3026ee3e52372f Sha256: 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3004 x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cPYcrFRXoAMFUJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 04:45:15 GMT age: 5389 etag: "035a1b4a2a7889787532ec2637d5c21e06daf672" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3004 Md5: 22e7d3e11e78242383e452adb9299016 Sha1: 035a1b4a2a7889787532ec2637d5c21e06daf672 Sha256: 990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /static/BAAA/3-1.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://her-cupid.com/static/BAAA/style.css Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/3-1.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 480 last-modified: Wed, 26 Sep 2018 08:25:30 GMT etag: "5bab427a-1e0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 480 Md5: 37ad09484eb1a7e103c1bba69ec3408d Sha1: 950c14767d959c154d2ba2ceaa7867b8809731e5 Sha256: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2
GET /static/BAAA/3-2.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://her-cupid.com/static/BAAA/style.css Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/3-2.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 535 last-modified: Wed, 26 Sep 2018 08:25:30 GMT etag: "5bab427a-217" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 535 Md5: 7621845db78d7540608060c63a721252 Sha1: b24bca5f9e3ca0daf6f0f4822d66febc5c65d169 Sha256: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1
GET /static/BAAA/fon-black-3.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://her-cupid.com/static/BAAA/style.css Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/fon-black-3.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: 49e3ca223d626e90cdd7359a48a9cb992ec54cca5cc059a8e5347b61e55fda98 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 319308 last-modified: Wed, 26 Sep 2018 08:25:30 GMT etag: "5bab427a-4df4c" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data Size: 319308 Md5: f56a3caa703a84b5344c5c75aaed3364 Sha1: 10bec291e7266499c9f5d3142aaf4207480cfda7 Sha256: 49e3ca223d626e90cdd7359a48a9cb992ec54cca5cc059a8e5347b61e55fda98
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3974 Cache-Control: 'max-age=158059' Date: Tue, 29 Nov 2022 06:15:04 GMT Last-Modified: Tue, 29 Nov 2022 05:08:50 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: af25abbc1f9776cf78b07837dbea38a0 Sha1: 1883049bac2e92f8b3107f6435f00b83d8f4c117 Sha256: 663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: abd55ecd24d357a9f02612558f723a90 Sha1: 6a1e6963864f0b53ddc6205d35225e6cf0bcbeec Sha256: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1 Host: lh3.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1x (...) FQDN: lh3.google.com IP: 142.250.74.142 HASH: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb 142.250.74.142 HTTP/2 302 Found content-type: text/html; charset=UTF-8 location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en cache-control: private vary: Origin access-control-allow-origin: * timing-allow-origin: * x-content-type-options: nosniff date: Tue, 29 Nov 2022 06:15:04 GMT server: fife content-length: 337 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators Size: 337 Md5: 66a43eafe19fd2e9782007272dd06ced Sha1: 9d5112f8b4482ef224d10b0d0a17bfaf053e8e23 Sha256: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
GET /v14.0/plugins/like.php HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.facebook.com/v14.0/plugins/like.php FQDN: www.facebook.com IP: 31.13.72.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 31.13.72.36 HTTP/2 200 OK content-type: text/html;charset=utf-8 pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} cross-origin-opener-policy: same-origin-allow-popups x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: cHnk38ZsKXjXOHRx2DW4uK/fef45ILN3mf6CYsazWhwCCGJcy+Th3tagGe81iJB33QU3JD2uxb3yVIHyGZ6XOg== content-length: 0 date: Tue, 29 Nov 2022 06:15:04 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/BAAA/favicon-150x150.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/favicon-150x150.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 39df9ff9ca533925141252942c2ca3ab78abc75641923367d302c03352fe19e4 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 2634 last-modified: Tue, 04 Dec 2018 15:24:42 GMT etag: "5c069c3a-a4a" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 270 x 270, 8-bit gray+alpha, non-interlaced\012- data Size: 2634 Md5: a942a3268453194d872f5fd38f01d316 Sha1: d4a851f12cc7024050cbf7c99642004299e28a28 Sha256: 39df9ff9ca533925141252942c2ca3ab78abc75641923367d302c03352fe19e4
GET /static/BAAA/favicon-16x16.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/favicon-16x16.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 5cfc3d8c5351ef79c974dceff85041ebea8aa490485fe14e38154fa6ecc4bf75 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 534 last-modified: Tue, 04 Dec 2018 15:24:42 GMT etag: "5c069c3a-216" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced\012- data Size: 534 Md5: 90514f324e67cbfeea03f20d8ee33928 Sha1: 32904715b4f1811c3fe9e6d74de7f46ea75f2c5b Sha256: 5cfc3d8c5351ef79c974dceff85041ebea8aa490485fe14e38154fa6ecc4bf75
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3974 Cache-Control: 'max-age=158059' Date: Tue, 29 Nov 2022 06:15:04 GMT Last-Modified: Tue, 29 Nov 2022 05:08:50 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: af25abbc1f9776cf78b07837dbea38a0 Sha1: 1883049bac2e92f8b3107f6435f00b83d8f4c117 Sha256: 663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: abd55ecd24d357a9f02612558f723a90 Sha1: 6a1e6963864f0b53ddc6205d35225e6cf0bcbeec Sha256: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 5b700cd09f0aa11ec03e2fe0cba0d92444cf70a880eecc5825e99636a6fbab4d 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 8f12114c5e4071a91936f049f8234c94 Sha1: 61ddffbc7f1154cc8a5fe6fabbd976fe71027d6f Sha256: 5b700cd09f0aa11ec03e2fe0cba0d92444cf70a880eecc5825e99636a6fbab4d
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: accounts.google.com/ServiceLogin?continue=https://lh3.g (...) FQDN: accounts.google.com IP: 216.58.207.237 HASH: 51e963947223babfe8d621a8a38d70d14f6a43a96ae25aac0a8be78bae7db59d 216.58.207.237 HTTP/2 302 Found content-type: text/html; charset=UTF-8 x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Tue, 29 Nov 2022 06:15:04 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S1593960072%3A1669702504789292&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvcxen_geR1KARp_-FkFhEAi6m5g5r5D32PhGHW2yLPRhlhXlEFD_WQ_Zar8SoF4FsnnimUZg strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-hffMb-eUefWvWqAsbOyXAg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 409 server: GSE set-cookie: __Host-GAPS=1:KvC1tIkqtiqUptbVqWJwcxU0tzi0fA:yaKvFYBEPtpkRgGh;Path=/;Expires=Thu, 28-Nov-2024 06:15:04 GMT;Secure;HttpOnly;Priority=HIGH alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (386) Size: 409 Md5: 0988f301de1c7658a946c992a3b8e599 Sha1: e42057dc14382be0ec00d19517ac2634e4bee61c Sha256: 51e963947223babfe8d621a8a38d70d14f6a43a96ae25aac0a8be78bae7db59d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: fb9ea3d68fe575be42dfe4252ddf347129dffd7ccc9c08b869143f64357e4053 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FB9EA3D68FE575BE42DFE4252DDF347129DFFD7CCC9C08B869143F64357E4053" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10987 Expires: Tue, 29 Nov 2022 09:18:11 GMT Date: Tue, 29 Nov 2022 06:15:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: e7fee1f4d892e610a07c70545daa3e00 Sha1: 95e2f76a90bd7cec50d8ccb44d3bff8cb53ae9e0 Sha256: fb9ea3d68fe575be42dfe4252ddf347129dffd7ccc9c08b869143f64357e4053
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3d42bc20c8dfa7bab1f6c641e44cd76438b4107c47a5b0e1d5d0a4e2125260ea 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4467 Cache-Control: max-age=139336 Date: Tue, 29 Nov 2022 06:15:04 GMT Etag: "63850f3d-139" Expires: Wed, 30 Nov 2022 20:57:20 GMT Last-Modified: Mon, 28 Nov 2022 19:42:53 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 313 --- Additional Info --- Magic: data Size: 313 Md5: 128d7b1137f2fe64e0aa7898bf7360b9 Sha1: e846ecb7135f92bf4342f2fdbf1b42cb713949fb Sha256: 3d42bc20c8dfa7bab1f6c641e44cd76438b4107c47a5b0e1d5d0a4e2125260ea
POST /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 174 Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.139.29 HASH: e36d05bc1c6c4d4e5eba2c1a9b1db525f7b8c2a88485aab44e5af076e77a23e2 172.64.139.29 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Tue, 29 Nov 2022 06:15:04 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RchqBI7UuUW%2FQFhu42NKNPr0%2BoJlbjJOVogHM4PM9mUAhpZS9EARpacC1qzIgx2PFesdJtcFUNxFCGTOLnXL71vyRV1ZgNf0W4I29r6IDMXbA6xjU1PILjtSaur3euIUndHE"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 771934eb9a5474c9-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (1940), with no line terminators Size: 798 Md5: b52b97526680e174c333ef573ae186f3 Sha1: 9b6ab438f58765ee216d7a5c4eeee191d7ec358b Sha256: e36d05bc1c6c4d4e5eba2c1a9b1db525f7b8c2a88485aab44e5af076e77a23e2
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pornhub.com/video/manage?o=mr&t=pr2 FQDN: pornhub.com IP: 66.254.114.41 HASH: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691 66.254.114.41 HTTP/2 301 Moved Permanently content-type: text/html server: openresty date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 166 location: https://www.pornhub.com/video/manage?o=mr&t=pr2 x-frame-options: SAMEORIGIN set-cookie: __s=6385A368-42FE722901BB07BC-1A679782; Secure; Samesite=None __l=6385A368-42FE722901BB07BC-1A679782; Secure; Samesite=None; Max-Age=31556926 strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6385A368-42FE722901BB07BC-1A679782 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 166 Md5: 3ea1c8d079b38532a6e01a96216ba5e2 Sha1: 598d3ff91d3e252f1e13df8cf0348b270ff2da3f Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /premium/login?redirect=L8HpCxKj90g8Kj2D-bwATZJQiPT4gt3S56QTeGzRF0andqQG44enM2YPPARuJMpP HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=vi8u6v6cai99nkvnqkoajxedv8ghb05c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/premium/login?redirect=L8HpCxKj9 (...) FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: 5e8c504e9d9aa2b0ab9f5a767371721cac26e539213652410dd02802853bc14c 66.254.114.33 HTTP/1.1 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Tue, 29 Nov 2022 06:15:05 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 06:15:05 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Tue, 06-Dec-2022 06:15:05 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly ss=865693538151570184; expires=Wed, 29-Nov-2023 06:15:05 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly fg_0d2ec4cbd943df07ec161982a603817e=64710.100000; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6385A368-42FE722101BB9700-1A5A70DC --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404) Size: 7795 Md5: f9fa6f5d5fdb0bae5cc062ba82e09f3b Sha1: d0a9c7bf76c23322b280380c51871c267511f729 Sha256: 5e8c504e9d9aa2b0ab9f5a767371721cac26e539213652410dd02802853bc14c
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:05 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 07:48:04 GMT Expires: Sat, 03 Dec 2022 07:48:03 GMT Etag: "f66d108422d188602530372875d7beac8327ef5e" Cache-Control: max-age=350577,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 771934f09d6bb51e-OSL --- Additional Info --- Magic: data Size: 471 Md5: 00eea5bdd305068f54a53a0311504c7f Sha1: f66d108422d188602530372875d7beac8327ef5e Sha256: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8
GET /favorite/90902157/mk_1123 HTTP/1.1 Host: www.xvideos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.xvideos.com/favorite/90902157/mk_1123 FQDN: www.xvideos.com IP: 185.88.181.8 HASH: 30a0fe398adb816d0651e3f2f195bde2c4763aee96824a31df422181f70fee39 185.88.181.8 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Date: Tue, 29 Nov 2022 06:15:05 GMT P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com .trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com .addthis.com .addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ .hwcdn.net fcm.googleapis.com .nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com .googleapis.com .cdn77.org .pingdom.net .exoclick.com .exosrv.com .realsrv.com .orbsrv.com .exdynsrv.com .ackcdn.net .afcdn.net .aucdn.net .adtng.com .adglare.net adinvent.engine.adglare.net .bngpt.com bngpt.com .trafficjunky.net .ohmybutt.com .flirt4free.com .xlovecam.com .wlresources.com .medleyads.com .cams.com .acdn5165543.com .protoawe.com .google-analytics.com livejasmin.com .livejasmin.com .jsmcrptjmp.com .awemwh.com .promo-bc.com .bongacams.com .bongacash.com .gammae.com .servingmillions.com .super-route.com cdn01.flashmediaportal.com engine.asf4f.us .htdvt.com .jerkmate.com .vfgtb.com .hytxg2.com .awemdia.com .cfgr3.com .ajxx98.online .sf4f.us .adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com .smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com .bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com .xxxjmp.com .feelpornx.com .crjugate.com .hqscene.com .xlviirdr.com adulttime.xxx .adulttime.xxx .javhd.com .doppiocdn.com .videosworks.com xlivrdr.com .xlivrdr.com .servetraff.com .adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us .livejasmin.com .jsmcrptjmp.com .awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com .hwcdn.net .trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com .nk-img.com .camster.com .vscdns.com .doubleclick.net .google.fr .google.com .exoclick.com .exosrv.com .realsrv.com .exdynsrv.com .ackcdn.net .afcdn.net *.aucdn.net bmedia.justservingfiles.net; Referrer-Policy: no-referrer-when-downgrade Set-Cookie: session_token=a30efb5cb6bd98fax2PtuFI85mWRIXwEm-AZyo6i2B2jx6tjklsGNJbXBADc4HULIf5vsXyWu3CeMoC_Cc-Ese8o9V1yFo5nxzlc5w1lHADX2XGR9dHeR6e5udlb0sDpoF9GebGB0rzk2kYRXuaWwEe4MYjn2AoW_-R1xSkfEXGTA9DKzPzXLPRWwX925iIY07FZNI660iSSVuDf; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=.xvideos.com _ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com Transfer-Encoding: chunked Server: nginx --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8644) Size: 25817 Md5: 7a0bf0fe1e30442ab7e4a670e2a6955c Sha1: 124a6a2036f5aef9cd2d44a0243ddf09091c7dbe Sha256: 30a0fe398adb816d0651e3f2f195bde2c4763aee96824a31df422181f70fee39
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/video/manage?o=mr&t=pr2 FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Tue, 29 Nov 2022 06:15:05 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 06:15:05 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Tue, 06-Dec-2022 06:15:05 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure bs=9ub7w1e8owtk614sj8m38fjwkaujlo7w; expires=Fri, 26-Nov-2032 06:15:05 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None ss=427806728152568087; expires=Wed, 29-Nov-2023 06:15:05 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=70744.100000; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=6385A368-42FE722901BB07BC-1A6797D0; Secure; Samesite=None __l=6385A368-42FE722901BB07BC-1A6797D0; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1041 location: /login vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6385A368-42FE722901BB07BC-1A6797D0 X-Firefox-Spdy: h2 --- Additional Info ---
GET /cdn/push.min.js HTTP/1.1 Host: cdnjam.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdnjam.com/cdn/push.min.js FQDN: cdnjam.com IP: 104.21.58.242 104.21.58.242 HTTP/2 200 OK content-type: application/x-javascript date: Tue, 29 Nov 2022 06:15:04 GMT content-security-policy: block-all-mixed-content etag: W/"44c9e373bc246e347c8420a2eb8f54d4" last-modified: Mon, 06 Jun 2022 20:30:35 GMT strict-transport-security: max-age=15724800; includeSubDomains vary: Origin, Accept-Encoding x-amz-request-id: 16F62D8C82243EE0 x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: max-age=14400 cf-cache-status: HIT age: 6490 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5udFnmxcoMK228hYUW7cdFyewZscesMYkVAabiD%2BuFaP7N2iFVp%2B95Bf2IJDfz0u3NbKbEFHkRtknABULJ7eBrHRcyFwmHaNHwT06SqpoeRP2ThzDtvobBfQXkPy"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 771934ea6d2db4f1-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /user-id?nbl=&impression=QOTdP2OFo2c&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FBAAA%2F10063%2Foth%3Fi%3DQOTdP2OFo2c%26u%3D3767906554830234470&search=%3Fi%3DQOTdP2OFo2c%26u%3D3767906554830234470&contactExists=false HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/user-id?nbl=&impression=QOTdP2OFo2c&trust (...) FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT set-cookie: userid=2341c9e0a240506b039074bf6794620f9eea71cfec73cbd916833c1ed00ea4b7a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A136489852922%3B%7D; expires=Thu, 30-Nov-2023 02:31:44 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info ---
GET /login HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=9ub7w1e8owtk614sj8m38fjwkaujlo7w Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/login FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Tue, 29 Nov 2022 06:15:05 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 06:15:05 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Tue, 06-Dec-2022 06:15:05 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure ss=199852943349722305; expires=Wed, 29-Nov-2023 06:15:05 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=16368.100000; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=6385A369-42FE722901BB07BC-1A67980A; Secure; Samesite=None __l=6385A369-42FE722901BB07BC-1A67980A; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6385A369-42FE722901BB07BC-1A67980A X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 319 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9LCJsdWlkIjoxMzY0ODk4NTI5MjJ9; userid=2341c9e0a240506b039074bf6794620f9eea71cfec73cbd916833c1ed00ea4b7a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A136489852922%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:05 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /v3/signin/identifier?dsh=S1593960072%3A1669702504789292&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvcxen_geR1KARp_-FkFhEAi6m5g5r5D32PhGHW2yLPRhlhXlEFD_WQ_Zar8SoF4FsnnimUZg HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: accounts.google.com/v3/signin/identifier?dsh=S159396007 (...) FQDN: accounts.google.com IP: 216.58.207.237 216.58.207.237 HTTP/2 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Tue, 29 Nov 2022 06:15:04 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= cross-origin-opener-policy-report-only: same-origin content-security-policy: script-src 'nonce-v_N1puLNmgsTXj2PIo8wRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            GET /agEA?usid=3ovl99t13l7sj&email=felix@slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj HTTP/1.1 

                                        
                                            
Host: dateexotic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         172.67.159.164

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:01 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONPL%2B6lJwRZ87%2BzklriICfu4e3JCs3aVWBfpKs5ZvRN6LY9ISU5OkZ8dkXHjmA1x8sTNVWHGHWkzKYQ15KxGvtm72n98MVEYhheJ8yBB%2FbKAHmJxY%2ByvRWgDv6nZxmfFMg%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 771934dbaf9bb50b-OSL 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   907

                                                Md5:    f644572248ce42c31779d65845c95277

                                                Sha1:   6963b52cff901ae5ce3eb250820dcaef46cc9388

                                                Sha256: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4406 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:01 GMT 

                                        
                                            
Last-Modified: Tue, 29 Nov 2022 05:01:36 GMT 

                                        
                                            
Server: ECS (ska/F71A) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    9408cc0694fcbea57966c3a3ba906092

                                                Sha1:   fddcee1fdcf3209298e41a4b1b5560357fa165f0

                                                Sha256: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Tue, 29 Nov 2022 05:17:52 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 3430 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    30db107dcf4380cef05efea409c2e6a3

                                                Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9

                                                Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 346 

                                        
                                            
ETag: "CB8F23C5DD13BBBAE1790D52078A6D91BB554FA1DD0AFFAF57A043F9A5EE7476" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=16733 

                                        
                                            
Expires: Tue, 29 Nov 2022 10:53:55 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:02 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   346

                                                Md5:    bdc61008a8346add5bdf318110268996

                                                Sha1:   af94755b7e04b467ec712148e18d35c953e32c4b

                                                Sha256: cb8f23c5dd13bbbae1790d52078a6d91bb554fa1dd0affaf57a043f9a5ee7476

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Tue, 29 Nov 2022 06:11:13 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 229 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 346 

                                        
                                            
ETag: "CB8F23C5DD13BBBAE1790D52078A6D91BB554FA1DD0AFFAF57A043F9A5EE7476" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=16733 

                                        
                                            
Expires: Tue, 29 Nov 2022 10:53:55 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:02 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   346

                                                Md5:    bdc61008a8346add5bdf318110268996

                                                Sha1:   af94755b7e04b467ec712148e18d35c953e32c4b

                                                Sha256: cb8f23c5dd13bbbae1790d52078a6d91bb554fa1dd0affaf57a043f9a5ee7476

                                        
                                            GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0zb3ZsOTl0MTNsN3NqJmVtYWlsPWZlbGl4JTQwc2x1cnBtYWlsLm5ldCZzdWIxPWNsZWFyX21haW4mcHJpZD0zb3ZsOTl0MTNsN3NqJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=a1d624537a47e88c03b1f240dba3401b HTTP/1.1 

                                        
                                            
Host: alexatracker.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://dateexotic.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.67.204.112

                                        
                                            HTTP/2 301 Moved Permanently

                                        

                                        
                                            
date: Tue, 29 Nov 2022 06:15:02 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
location: https://www2.dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix%40slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=3767906554830234470&c=838369804 

                                        
                                            
set-cookie: trbarid=3767906554830234470;expires=Thu, 28 Nov 2024 06:15:02 GMT;secure;HttpOnly;SameSite=None;path=/ 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPV2gvKHeZofiAYrehse19RIzj1haAqybRvQvAcRBHfyBrMDJu1sdFTuTdwrg6rCS9VxSIJ5mf%2B4TtBaTCoJmT66ZtF3SFxstc9fvSuCbZrOAO0CQARIDtnijO74Eo56yRKW"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 771934e2ca06b4ff-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: NKJmtMzCc7RrXmLg9C7G2w== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         54.71.202.2

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: ReIS6gkSWQwRX/oAW+E/ck6XRIc= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    07b8296613be09905e34b09dce4a203f

                                                Sha1:   c97c67e8c4b1247423d089c028c31e05734f124e

                                                Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    07b8296613be09905e34b09dce4a203f

                                                Sha1:   c97c67e8c4b1247423d089c028c31e05734f124e

                                                Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

                                        
                                            GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1 

                                        
                                            
Host: js.sentry-cdn.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://her-cupid.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         151.101.2.217

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 

                                        
                                            
x-frame-options: deny 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-envoy-attempt-count: 1 

                                        
                                            
x-envoy-upstream-service-time: 9 

                                        
                                            
content-encoding: gzip 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
age: 160 

                                        
                                            
x-served-by: getsentry-web-default-common-production-546cdd455-rpb9p, cache-bma1625-BMA 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
timing-allow-origin: https://sentry.io 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
content-length: 1021 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (512)

                                                Size:   1021

                                                Md5:    3b07f6f3625abf8ad4dafd7b821ad69e

                                                Sha1:   304bbec923fc251222f5d8bf87ff13244ac12201

                                                Sha256: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d

                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 

                                        
                                            
Host: ajax.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.74

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" 

                                        
                                            
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 31021 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Fri, 25 Nov 2022 14:19:24 GMT 

                                        
                                            
expires: Sat, 25 Nov 2023 14:19:24 GMT 

                                        
                                            
cache-control: public, max-age=31536000, stale-while-revalidate=2592000 

                                        
                                            
last-modified: Fri, 08 May 2020 07:05:03 GMT 

                                        
                                            
age: 316540 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65451)

                                                Size:   31021

                                                Md5:    903bc7a7e510f87aa5d0201eb59a0832

                                                Sha1:   ac9aa4dd94cde1bcba9037e94087138b127e41fc

                                                Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    07b8296613be09905e34b09dce4a203f

                                                Sha1:   c97c67e8c4b1247423d089c028c31e05734f124e

                                                Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    07b8296613be09905e34b09dce4a203f

                                                Sha1:   c97c67e8c4b1247423d089c028c31e05734f124e

                                                Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "91A992B7BA3F10613BFB0278120B9962ECB424DB2418C929AC29A9D8D81D4D5F" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8015 

                                        
                                            
Expires: Tue, 29 Nov 2022 08:28:39 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    adaddb1757d7b98e890bec01e610e90c

                                                Sha1:   9c6938bcd69b8fa8678719ba815b358399ce2a6b

                                                Sha256: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    49eee25f3ccd585a29e34e80cf5bb160

                                                Sha1:   73eca8be91deedd049304862759a3d8084c0b07e

                                                Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    49eee25f3ccd585a29e34e80cf5bb160

                                                Sha1:   73eca8be91deedd049304862759a3d8084c0b07e

                                                Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56

                                        
                                            POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1 HTTP/1.1 

                                        
                                            
Host: o65532.ingest.sentry.io

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://her-cupid.com/ 

                                        
                                            
Content-Type: text/plain;charset=UTF-8 

                                        
                                            
Origin: https://her-cupid.com 

                                        
                                            
Content-Length: 426 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.195.249

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
content-length: 2 

                                        
                                            
access-control-allow-origin: https://her-cupid.com 

                                        
                                            
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after 

                                        
                                            
vary: Origin 

                                        
                                            
x-envoy-upstream-service-time: 0 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   2

                                                Md5:    99914b932bd37a50b983c5e7c90ae93b

                                                Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    49eee25f3ccd585a29e34e80cf5bb160

                                                Sha1:   73eca8be91deedd049304862759a3d8084c0b07e

                                                Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10176 

                                        
                                            
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cMo3oHpSoAMF5Qw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ== 

                                        
                                            
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 28 Nov 2022 07:38:02 GMT 

                                        
                                            
age: 81422 

                                        
                                            
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10176

                                                Md5:    03014221d7f49b50ffc2d1b0a0e75457

                                                Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd

                                                Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "91A992B7BA3F10613BFB0278120B9962ECB424DB2418C929AC29A9D8D81D4D5F" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8015 

                                        
                                            
Expires: Tue, 29 Nov 2022 08:28:39 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    adaddb1757d7b98e890bec01e610e90c

                                                Sha1:   9c6938bcd69b8fa8678719ba815b358399ce2a6b

                                                Sha256: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9162 

                                        
                                            
x-amzn-requestid: f7fb3b99-6f1c-4ab3-9547-a337d54e8c9a 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cVjI8E9poAMFaQw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63854bd2-0679b83d1aa3b7c71aa6bf1c;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 29 Nov 2022 00:01:22 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: DVS-FTO93p2gjrvMYzKgNjZmrPxmUuiJHWLuZqOMZzJFwEcWJbW35Q== 

                                        
                                            
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 29 Nov 2022 00:36:14 GMT 

                                        
                                            
etag: "6567069d9f5199205ba1ca7a937fcb0a52f95d06" 

                                        
                                            
age: 20330 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9162

                                                Md5:    c808183085a429c53515508678fc7ab2

                                                Sha1:   6567069d9f5199205ba1ca7a937fcb0a52f95d06

                                                Sha256: c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 3004 

                                        
                                            
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cPYcrFRXoAMFUJg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg== 

                                        
                                            
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 29 Nov 2022 04:45:15 GMT 

                                        
                                            
age: 5389 

                                        
                                            
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   3004

                                                Md5:    22e7d3e11e78242383e452adb9299016

                                                Sha1:   035a1b4a2a7889787532ec2637d5c21e06daf672

                                                Sha256: 990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8

                                        
                                            GET /static/BAAA/3-2.png HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://her-cupid.com/static/BAAA/style.css 

                                        
                                            
Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
content-length: 535 

                                        
                                            
last-modified: Wed, 26 Sep 2018 08:25:30 GMT 

                                        
                                            
etag: "5bab427a-217" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   535

                                                Md5:    7621845db78d7540608060c63a721252

                                                Sha1:   b24bca5f9e3ca0daf6f0f4822d66febc5c65d169

                                                Sha256: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3974 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Last-Modified: Tue, 29 Nov 2022 05:08:50 GMT 

                                        
                                            
Server: ECS (ska/F71A) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    af25abbc1f9776cf78b07837dbea38a0

                                                Sha1:   1883049bac2e92f8b3107f6435f00b83d8f4c117

                                                Sha256: 663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17

                                        
                                            GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1 

                                        
                                            
Host: lh3.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.142

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en 

                                        
                                            
cache-control: private 

                                        
                                            
vary: Origin 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
server: fife 

                                        
                                            
content-length: 337 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators

                                                Size:   337

                                                Md5:    66a43eafe19fd2e9782007272dd06ced

                                                Sha1:   9d5112f8b4482ef224d10b0d0a17bfaf053e8e23

                                                Sha256: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb

                                        
                                            GET /static/BAAA/favicon-150x150.png HTTP/1.1 

                                        
                                            
Host: her-cupid.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         54.39.22.228

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
content-length: 2634 

                                        
                                            
last-modified: Tue, 04 Dec 2018 15:24:42 GMT 

                                        
                                            
etag: "5c069c3a-a4a" 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 270 x 270, 8-bit gray+alpha, non-interlaced\012- data

                                                Size:   2634

                                                Md5:    a942a3268453194d872f5fd38f01d316

                                                Sha1:   d4a851f12cc7024050cbf7c99642004299e28a28

                                                Sha256: 39df9ff9ca533925141252942c2ca3ab78abc75641923367d302c03352fe19e4

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3974 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Last-Modified: Tue, 29 Nov 2022 05:08:50 GMT 

                                        
                                            
Server: ECS (ska/F71A) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    af25abbc1f9776cf78b07837dbea38a0

                                                Sha1:   1883049bac2e92f8b3107f6435f00b83d8f4c117

                                                Sha256: 663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    8f12114c5e4071a91936f049f8234c94

                                                Sha1:   61ddffbc7f1154cc8a5fe6fabbd976fe71027d6f

                                                Sha256: 5b700cd09f0aa11ec03e2fe0cba0d92444cf70a880eecc5825e99636a6fbab4d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "FB9EA3D68FE575BE42DFE4252DDF347129DFFD7CCC9C08B869143F64357E4053" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=10987 

                                        
                                            
Expires: Tue, 29 Nov 2022 09:18:11 GMT 

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    e7fee1f4d892e610a07c70545daa3e00

                                                Sha1:   95e2f76a90bd7cec50d8ccb44d3bff8cb53ae9e0

                                                Sha256: fb9ea3d68fe575be42dfe4252ddf347129dffd7ccc9c08b869143f64357e4053

                                        
                                            POST /get-keys HTTP/1.1 

                                        
                                            
Host: app.api-push.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Content-Length: 174 

                                        
                                            
Origin: https://her-cupid.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         172.64.139.29

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
vary: Origin 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH 

                                        
                                            
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                        
                                            
strict-transport-security: max-age=15724800; includeSubDomains 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RchqBI7UuUW%2FQFhu42NKNPr0%2BoJlbjJOVogHM4PM9mUAhpZS9EARpacC1qzIgx2PFesdJtcFUNxFCGTOLnXL71vyRV1ZgNf0W4I29r6IDMXbA6xjU1PILjtSaur3euIUndHE"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 771934eb9a5474c9-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (1940), with no line terminators

                                                Size:   798

                                                Md5:    b52b97526680e174c333ef573ae186f3

                                                Sha1:   9b6ab438f58765ee216d7a5c4eeee191d7ec358b

                                                Sha256: e36d05bc1c6c4d4e5eba2c1a9b1db525f7b8c2a88485aab44e5af076e77a23e2

                                        
                                            GET /premium/login?redirect=L8HpCxKj90g8Kj2D-bwATZJQiPT4gt3S56QTeGzRF0andqQG44enM2YPPARuJMpP HTTP/1.1 

                                        
                                            
Host: www.pornhubpremium.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: bs=vi8u6v6cai99nkvnqkoajxedv8ghb05c 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         66.254.114.33

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: openresty 

                                        
                                            
date: Tue, 29 Nov 2022 06:15:05 GMT 

                                        
                                            
transfer-encoding: chunked 

                                        
                                            
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 06:15:05 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly
platform=pc; expires=Tue, 06-Dec-2022 06:15:05 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly
ss=865693538151570184; expires=Wed, 29-Nov-2023 06:15:05 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly
fg_0d2ec4cbd943df07ec161982a603817e=64710.100000; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure
ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
vary: User-Agent 

                                        
                                            
rating: RTA-5042-1996-1400-1577-RTA 

                                        
                                            
content-encoding: gzip 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubDomains; preload 

                                        
                                            
x-request-id: 6385A368-42FE722101BB9700-1A5A70DC 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404)

                                                Size:   7795

                                                Md5:    f9fa6f5d5fdb0bae5cc062ba82e09f3b

                                                Sha1:   d0a9c7bf76c23322b280380c51871c267511f729

                                                Sha256: 5e8c504e9d9aa2b0ab9f5a767371721cac26e539213652410dd02802853bc14c

                                        
                                            GET /favorite/90902157/mk_1123 HTTP/1.1 

                                        
                                            
Host: www.xvideos.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         185.88.181.8

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: text/html; charset=utf-8

                                        

                                        
                                            
Date: Tue, 29 Nov 2022 06:15:05 GMT 

                                        
                                            
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" 

                                        
                                            
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com *.trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com *.addthis.com *.addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ *.hwcdn.net fcm.googleapis.com *.nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com *.googleapis.com *.cdn77.org *.pingdom.net *.exoclick.com *.exosrv.com *.realsrv.com *.orbsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net *.adtng.com *.adglare.net adinvent.engine.adglare.net *.bngpt.com bngpt.com *.trafficjunky.net *.ohmybutt.com *.flirt4free.com *.xlovecam.com *.wlresources.com *.medleyads.com *.cams.com *.acdn5165543.com *.protoawe.com *.google-analytics.com livejasmin.com *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com *.promo-bc.com *.bongacams.com *.bongacash.com *.gammae.com *.servingmillions.com *.super-route.com cdn01.flashmediaportal.com engine.asf4f.us *.htdvt.com *.jerkmate.com *.vfgtb.com *.hytxg2.com *.awemdia.com *.cfgr3.com *.ajxx98.online *.sf4f.us *.adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com *.smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com *.bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com *.xxxjmp.com *.feelpornx.com *.crjugate.com *.hqscene.com *.xlviirdr.com adulttime.xxx *.adulttime.xxx *.javhd.com *.doppiocdn.com *.videosworks.com xlivrdr.com *.xlivrdr.com *.servetraff.com *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.hwcdn.net *.trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com *.vscdns.com *.doubleclick.net *.google.fr *.google.com *.exoclick.com *.exosrv.com *.realsrv.com *.exdynsrv.com *.ackcdn.net *.afcdn.net *.aucdn.net bmedia.justservingfiles.net; 

                                        
                                            
Referrer-Policy: no-referrer-when-downgrade 

                                        
                                            
Set-Cookie: session_token=a30efb5cb6bd98fax2PtuFI85mWRIXwEm-AZyo6i2B2jx6tjklsGNJbXBADc4HULIf5vsXyWu3CeMoC_Cc-Ese8o9V1yFo5nxzlc5w1lHADX2XGR9dHeR6e5udlb0sDpoF9GebGB0rzk2kYRXuaWwEe4MYjn2AoW_-R1xSkfEXGTA9DKzPzXLPRWwX925iIY07FZNI660iSSVuDf; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=.xvideos.com
_ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com
_gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Server: nginx 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8644)

                                                Size:   25817

                                                Md5:    7a0bf0fe1e30442ab7e4a670e2a6955c

                                                Sha1:   124a6a2036f5aef9cd2d44a0243ddf09091c7dbe

                                                Sha256: 30a0fe398adb816d0651e3f2f195bde2c4763aee96824a31df422181f70fee39

                                        
                                            GET /cdn/push.min.js HTTP/1.1 

                                        
                                            
Host: cdnjam.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.21.58.242

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/x-javascript

                                        

                                        
                                            
date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
content-security-policy: block-all-mixed-content 

                                        
                                            
etag: W/"44c9e373bc246e347c8420a2eb8f54d4" 

                                        
                                            
last-modified: Mon, 06 Jun 2022 20:30:35 GMT 

                                        
                                            
strict-transport-security: max-age=15724800; includeSubDomains 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
x-amz-request-id: 16F62D8C82243EE0 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
cache-control: max-age=14400 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 6490 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5udFnmxcoMK228hYUW7cdFyewZscesMYkVAabiD%2BuFaP7N2iFVp%2B95Bf2IJDfz0u3NbKbEFHkRtknABULJ7eBrHRcyFwmHaNHwT06SqpoeRP2ThzDtvobBfQXkPy"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 771934ea6d2db4f1-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /login HTTP/1.1 

                                        
                                            
Host: www.pornhub.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: bs=9ub7w1e8owtk614sj8m38fjwkaujlo7w 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         66.254.114.41

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: openresty 

                                        
                                            
date: Tue, 29 Nov 2022 06:15:05 GMT 

                                        
                                            
set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 06:15:05 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure
platform=pc; expires=Tue, 06-Dec-2022 06:15:05 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
ss=199852943349722305; expires=Wed, 29-Nov-2023 06:15:05 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=16368.100000; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=6385A369-42FE722901BB07BC-1A67980A; Secure; Samesite=None
__l=6385A369-42FE722901BB07BC-1A67980A; Secure; Samesite=None; Max-Age=31556926 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
pragma: no-cache 

                                        
                                            
vary: User-Agent 

                                        
                                            
rating: RTA-5042-1996-1400-1577-RTA 

                                        
                                            
content-encoding: gzip 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubDomains; preload 

                                        
                                            
x-request-id: 6385A369-42FE722901BB07BC-1A67980A 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /v3/signin/identifier?dsh=S1593960072%3A1669702504789292&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvcxen_geR1KARp_-FkFhEAi6m5g5r5D32PhGHW2yLPRhlhXlEFD_WQ_Zar8SoF4FsnnimUZg HTTP/1.1 

                                        
                                            
Host: accounts.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         216.58.207.237

                                        
                                            HTTP/2 403 Forbidden 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
cache-control: no-cache, no-store, max-age=0, must-revalidate 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Mon, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
date: Tue, 29 Nov 2022 06:15:04 GMT 

                                        
                                            
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* 

                                        
                                            
cross-origin-opener-policy-report-only: same-origin 

                                        
                                            
content-security-policy: script-src 'nonce-v_N1puLNmgsTXj2PIo8wRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport 

                                        
                                            
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix@slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj
IP	172.67.159.164 (United States)
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-29 06:15:13 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	2
urlquery alerts	No alerts detected
Tags	None

Request	Response
GET /agEA?usid=3ovl99t13l7sj&email=felix@slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix@slur (...) FQDN: dateexotic.com IP: 172.67.159.164 HASH: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0 172.67.159.164 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 29 Nov 2022 06:15:01 GMT Transfer-Encoding: chunked Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONPL%2B6lJwRZ87%2BzklriICfu4e3JCs3aVWBfpKs5ZvRN6LY9ISU5OkZ8dkXHjmA1x8sTNVWHGHWkzKYQ15KxGvtm72n98MVEYhheJ8yBB%2FbKAHmJxY%2ByvRWgDv6nZxmfFMg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771934dbaf9bb50b-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 907 Md5: f644572248ce42c31779d65845c95277 Sha1: 6963b52cff901ae5ce3eb250820dcaef46cc9388 Sha256: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6498 Expires: Tue, 29 Nov 2022 08:03:19 GMT Date: Tue, 29 Nov 2022 06:15:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a5daf4dc99951793ae2315d4795e8146 Sha1: 4427507ca4d3a5632cc8f598afbc85e2195d00bd Sha256: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4406 Cache-Control: 'max-age=158059' Date: Tue, 29 Nov 2022 06:15:01 GMT Last-Modified: Tue, 29 Nov 2022 05:01:36 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 9408cc0694fcbea57966c3a3ba906092 Sha1: fddcee1fdcf3209298e41a4b1b5560357fa165f0 Sha256: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12117 Expires: Tue, 29 Nov 2022 09:36:59 GMT Date: Tue, 29 Nov 2022 06:15:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6d9d34c96b9a826ae5676640c966469c Sha1: 8052a16d41a637e420478b7de1ff5a2dc951fccd Sha256: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 29 Nov 2022 05:17:52 GMT cache-control: public,max-age=3600 age: 3430 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 6aM4i2G2Bicbm71a5Wvs7xfcaSNLInGvQGQCKVBeP/z/60s/o7EgLb/M0x8xSAZDYdLL2DaQxMc= x-amz-request-id: P4S52X8B6GFMF7RX content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 29 Nov 2022 05:45:20 GMT age: 1782 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /static/js/build/bd.js HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix@slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj	URL: dateexotic.com/static/js/build/bd.js FQDN: dateexotic.com IP: 172.67.159.164 HASH: f33bcea37e8bb80f4a054283ec3fee0a4d40929979ff0e1f7b5b67f04c5b7649 172.67.159.164 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Date: Tue, 29 Nov 2022 06:15:02 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Ray: 771934de0a41b50b-OSL Age: 15325 ETag: W/"static/js/build/bd.3ad9d77bdd.js" Vary: Accept-Encoding CF-Cache-Status: HIT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DBOmX9LwH9hlZoBRzfaxktCRRlZJg2TuU6O5SC7zWZoghQ6NYjGcuAlyCt%2BRwGdrHgO0%2F4mx%2Buy7%2FbelBqmHZOCpEszukotbPqvKqIJ%2FmlWkmcApRZWa6DeK7iXhrl%2B5w%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (8033) Size: 3566 Md5: cfed7ea7fab839427d802070c1a7c3a8 Sha1: e2bb93dbb83ed6edf4563709e395bf1747d16979 Sha256: f33bcea37e8bb80f4a054283ec3fee0a4d40929979ff0e1f7b5b67f04c5b7649 Alerts: Blocklists: - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 29 Nov 2022 06:15:02 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: cb8f23c5dd13bbbae1790d52078a6d91bb554fa1dd0affaf57a043f9a5ee7476 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "CB8F23C5DD13BBBAE1790D52078A6D91BB554FA1DD0AFFAF57A043F9A5EE7476" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16733 Expires: Tue, 29 Nov 2022 10:53:55 GMT Date: Tue, 29 Nov 2022 06:15:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: bdc61008a8346add5bdf318110268996 Sha1: af94755b7e04b467ec712148e18d35c953e32c4b Sha256: cb8f23c5dd13bbbae1790d52078a6d91bb554fa1dd0affaf57a043f9a5ee7476
GET /favicon.ico HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix@slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj	URL: dateexotic.com/favicon.ico FQDN: dateexotic.com IP: 172.67.159.164 HASH: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4 172.67.159.164 HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 29 Nov 2022 06:15:02 GMT Content-Length: 47 Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drtD7y%2BmQLL10tZGRdX24yykhyQHO6Zb3TlFqgKvXcPG9%2FJAIHnQpZce6lhlgOt7tyXx3XYve8q2tRjTRTLvX%2Bt95twzCG8EokOPwZK6jY5HkAMBZn6LHPRTb826WyWOAw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771934df4b51b50b-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 47 Md5: 2f3ca1d38e8b18ef00c4a0eff0889cfc Sha1: 2f28ed1ccf7c08cf22491757fe20385249db162e Sha256: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 29 Nov 2022 06:11:13 GMT cache-control: public,max-age=3600 age: 229 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5770 Cache-Control: max-age=102483 Date: Tue, 29 Nov 2022 06:15:02 GMT Etag: "63847a2f-1d7" Expires: Wed, 30 Nov 2022 10:43:05 GMT Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 7ab2ef968cb6a3078f4b9cb2dda813d4 Sha1: e669116047ca058a2c1b2999ff0ea8682719162c Sha256: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: cb8f23c5dd13bbbae1790d52078a6d91bb554fa1dd0affaf57a043f9a5ee7476 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "CB8F23C5DD13BBBAE1790D52078A6D91BB554FA1DD0AFFAF57A043F9A5EE7476" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16733 Expires: Tue, 29 Nov 2022 10:53:55 GMT Date: Tue, 29 Nov 2022 06:15:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: bdc61008a8346add5bdf318110268996 Sha1: af94755b7e04b467ec712148e18d35c953e32c4b Sha256: cb8f23c5dd13bbbae1790d52078a6d91bb554fa1dd0affaf57a043f9a5ee7476
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: d01d2f10d6c370eb68cc8bebf7f7a5d282b1abe59e089c758d917dfb4ebe827f 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:02 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: d5fcee7c27f9d0c87276be2c3411fe55 Sha1: 9a857691d56baf4ec5c9346c1d80cda18d4be034 Sha256: d01d2f10d6c370eb68cc8bebf7f7a5d282b1abe59e089c758d917dfb4ebe827f
GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0zb3ZsOTl0MTNsN3NqJmVtYWlsPWZlbGl4JTQwc2x1cnBtYWlsLm5ldCZzdWIxPWNsZWFyX21haW4mcHJpZD0zb3ZsOTl0MTNsN3NqJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=a1d624537a47e88c03b1f240dba3401b HTTP/1.1 Host: alexatracker.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29 (...) FQDN: alexatracker.com IP: 172.67.204.112 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.67.204.112 HTTP/2 301 Moved Permanently date: Tue, 29 Nov 2022 06:15:02 GMT content-length: 0 location: https://www2.dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix%40slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=3767906554830234470&c=838369804 set-cookie: trbarid=3767906554830234470;expires=Thu, 28 Nov 2024 06:15:02 GMT;secure;HttpOnly;SameSite=None;path=/ report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPV2gvKHeZofiAYrehse19RIzj1haAqybRvQvAcRBHfyBrMDJu1sdFTuTdwrg6rCS9VxSIJ5mf%2B4TtBaTCoJmT66ZtF3SFxstc9fvSuCbZrOAO0CQARIDtnijO74Eo56yRKW"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 771934e2ca06b4ff-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /agEA?usid=3ovl99t13l7sj&email=felix%40slurpmail.net&sub1=clear_main&prid=3ovl99t13l7sj&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1 Host: www2.dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://dateexotic.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www2.dateexotic.com/agEA?usid=3ovl99t13l7sj&email=felix (...) FQDN: www2.dateexotic.com IP: 104.21.34.109 HASH: d01d2f10d6c370eb68cc8bebf7f7a5d282b1abe59e089c758d917dfb4ebe827f 104.21.34.109 HTTP/2 302 Found content-type: text/html; charset=UTF-8 date: Tue, 29 Nov 2022 06:15:02 GMT location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0zb3ZsOTl0MTNsN3NqJmVtYWlsPWZlbGl4JTQwc2x1cnBtYWlsLm5ldCZzdWIxPWNsZWFyX21haW4mcHJpZD0zb3ZsOTl0MTNsN3NqJmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=a1d624537a47e88c03b1f240dba3401b access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvgY5EYEOMiYJuLrPRIsrHKbk6MNdM1J%2BlegDxtgv541mTZEpjGU%2Ft8yONLJ4Pv%2BHiYo%2BFW53VFchydok15kHJSCmNkLLHucRIaAg9gJPfYoIpSX%2FE7N1BwdPWiKI4dFp%2FSUi7v%2F"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 771934deee6db511-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 471 Md5: d5fcee7c27f9d0c87276be2c3411fe55 Sha1: 9a857691d56baf4ec5c9346c1d80cda18d4be034 Sha256: d01d2f10d6c370eb68cc8bebf7f7a5d282b1abe59e089c758d917dfb4ebe827f
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: NKJmtMzCc7RrXmLg9C7G2w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.71.202.2 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.71.202.2 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: ReIS6gkSWQwRX/oAW+E/ck6XRIc= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: b264f3e63f403d010f1661ae0498d1ec3212d45142085054a43d1d5ef7779f0e 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B264F3E63F403D010F1661AE0498D1EC3212D45142085054A43D1D5EF7779F0E" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4085 Expires: Tue, 29 Nov 2022 07:23:08 GMT Date: Tue, 29 Nov 2022 06:15:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 32dcaddc3949464535cee46b03cf58d9 Sha1: e3c913dd7c1f8cad36077ae722ff26d7af90fced Sha256: b264f3e63f403d010f1661ae0498d1ec3212d45142085054a43d1d5ef7779f0e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a1eea062f1783d0dbc323c06fbbdf7aee5ac328b1769122a09a0dc72b58e00ea 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2150 Cache-Control: 'max-age=158059' Date: Tue, 29 Nov 2022 06:15:04 GMT Etag: "6384bad1-117" Last-Modified: Tue, 29 Nov 2022 05:39:15 GMT Server: ECS (amb/6BB2) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: c94c6fa6e6eff3ca5e4cb267ee1daaf9 Sha1: fc308136e47c52c697b595c44dce23d260ec43ea Sha256: a1eea062f1783d0dbc323c06fbbdf7aee5ac328b1769122a09a0dc72b58e00ea
GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1 Host: js.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js FQDN: js.sentry-cdn.com IP: 151.101.2.217 HASH: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d 151.101.2.217 HTTP/2 200 OK content-type: text/javascript access-control-allow-origin: * cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 1; mode=block x-envoy-attempt-count: 1 x-envoy-upstream-service-time: 9 content-encoding: gzip accept-ranges: bytes date: Tue, 29 Nov 2022 06:15:04 GMT age: 160 x-served-by: getsentry-web-default-common-production-546cdd455-rpb9p, cache-bma1625-BMA vary: Accept-Encoding timing-allow-origin: https://sentry.io strict-transport-security: max-age=31536000; includeSubDomains content-length: 1021 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (512) Size: 1021 Md5: 3b07f6f3625abf8ad4dafd7b821ad69e Sha1: 304bbec923fc251222f5d8bf87ff13244ac12201 Sha256: 7f620c5d1a3ff1cc1bafb7bc5137e971c39a0372e7b74f2d494b32b02922a86d
GET /static/BAAA/style.css HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/style.css FQDN: her-cupid.com IP: 54.39.22.228 HASH: ae62b02ef2a9f029fe647cb691448e66048fb9f46b876285bb7b9f4df4440d59 54.39.22.228 HTTP/2 200 OK content-type: text/css server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 9025 last-modified: Mon, 04 Mar 2019 12:10:26 GMT etag: "5c7d15b2-2341" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 9025 Md5: 755d944baae809e8d3466ea04f6c05a5 Sha1: 740b6b89b852cde67fd0236b6c6f036bededed61 Sha256: ae62b02ef2a9f029fe647cb691448e66048fb9f46b876285bb7b9f4df4440d59
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js FQDN: ajax.googleapis.com IP: 142.250.74.74 HASH: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f 142.250.74.74 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31021 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 25 Nov 2022 14:19:24 GMT expires: Sat, 25 Nov 2023 14:19:24 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Fri, 08 May 2020 07:05:03 GMT age: 316540 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 31021 Md5: 903bc7a7e510f87aa5d0201eb59a0832 Sha1: ac9aa4dd94cde1bcba9037e94087138b127e41fc Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /css?family=Montserrat:100,400,700,900 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Montserrat:100,400,700,900 FQDN: fonts.googleapis.com IP: 142.250.74.10 HASH: bc2d42bb099239df64e70db8b0109e0483e119bc45eb46ca62dadb6d12d2aeef 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 29 Nov 2022 06:15:04 GMT date: Tue, 29 Nov 2022 06:15:04 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 854 Md5: 90aba2b70530eb24f7caf32c8d5d7da9 Sha1: fc90ac05ca777c4b08a4c715be2605d6975cc0b7 Sha256: bc2d42bb099239df64e70db8b0109e0483e119bc45eb46ca62dadb6d12d2aeef
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
GET /BAAA/10063/oth?i=QOTdP2OFo2c&u=3767906554830234470 HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: her-cupid.com/BAAA/10063/oth?i=QOTdP2OFo2c&u=3767906554 (...) FQDN: her-cupid.com IP: 54.39.22.228 HASH: 932be3d3bfa305d3d7d43b9a6a4ba934b5461dd952f3d8d5489515a6929cb56d 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:03 GMT access-control-allow-origin: * x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (37473), with CRLF, LF line terminators Size: 28339 Md5: 0e6b7351af5fbf6b16f337feff6c6550 Sha1: 169fa6d59d8b63c55207079a541d3bd8d70311fc Sha256: 932be3d3bfa305d3d7d43b9a6a4ba934b5461dd952f3d8d5489515a6929cb56d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 49eee25f3ccd585a29e34e80cf5bb160 Sha1: 73eca8be91deedd049304862759a3d8084c0b07e Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "91A992B7BA3F10613BFB0278120B9962ECB424DB2418C929AC29A9D8D81D4D5F" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8015 Expires: Tue, 29 Nov 2022 08:28:39 GMT Date: Tue, 29 Nov 2022 06:15:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: adaddb1757d7b98e890bec01e610e90c Sha1: 9c6938bcd69b8fa8678719ba815b358399ce2a6b Sha256: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f
OPTIONS /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.139.29 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.64.139.29 HTTP/2 204 No Content date: Tue, 29 Nov 2022 06:15:04 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: content-type strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v694wQlIq1ImBJKpWTA7uGKlO%2BBbN54%2Bj9dKB36OcTTXN5iGLJjoqlFUsF9MHvWCE568khoUC6E2SfCwC8ESuYVUYyDK4W4OPtMfkDUfMYLdSnZkZVvqblg0rh868fuCSg6K"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 771934eb3a2274c9-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 49eee25f3ccd585a29e34e80cf5bb160 Sha1: 73eca8be91deedd049304862759a3d8084c0b07e Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 10172 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 21:20:46 GMT expires: Fri, 24 Nov 2023 21:20:46 GMT cache-control: public, max-age=31536000 age: 377658 last-modified: Mon, 18 Jul 2022 19:23:34 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data Size: 10172 Md5: 58e5c92fd1a1fc89b8ca6d74ce4793b8 Sha1: 337771c465778aeed6de18195e0cbe9d9098d299 Sha256: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 49eee25f3ccd585a29e34e80cf5bb160 Sha1: 73eca8be91deedd049304862759a3d8084c0b07e Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm45 (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30928 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 16:40:18 GMT expires: Fri, 24 Nov 2023 16:40:18 GMT cache-control: public, max-age=31536000 age: 394486 last-modified: Mon, 11 Jul 2022 18:57:39 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Size: 30928 Md5: ac0d2859ea5f8fd6bcb3c305c08ec184 Sha1: 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.21.1 HTTP/1.1 Host: o65532.ingest.sentry.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://her-cupid.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://her-cupid.com Content-Length: 426 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: o65532.ingest.sentry.io/api/6161109/envelope/?sentry_ke (...) FQDN: o65532.ingest.sentry.io IP: 34.120.195.249 HASH: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a 34.120.195.249 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 2 access-control-allow-origin: https://her-cupid.com access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after vary: Origin x-envoy-upstream-service-time: 0 strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 2 Md5: 99914b932bd37a50b983c5e7c90ae93b Sha1: bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10648 Expires: Tue, 29 Nov 2022 09:12:32 GMT Date: Tue, 29 Nov 2022 06:15:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 49eee25f3ccd585a29e34e80cf5bb160 Sha1: 73eca8be91deedd049304862759a3d8084c0b07e Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10648 Expires: Tue, 29 Nov 2022 09:12:32 GMT Date: Tue, 29 Nov 2022 06:15:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10176 x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cMo3oHpSoAMF5Qw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 07:38:02 GMT age: 81422 etag: "772d86ad983042a728ee3490630a9cf1134ad0dd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10176 Md5: 03014221d7f49b50ffc2d1b0a0e75457 Sha1: 772d86ad983042a728ee3490630a9cf1134ad0dd Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3905 x-amzn-requestid: bf50db76-dd95-44fc-abbe-1a26a5559ae3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cMFcYHE6IAMFmpA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638182b5-50b6d010058c6cb75c05c6de;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 03:06:29 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: qJi8Y13bwnYMJDH5WYNxMShIEZef1SYGdHsDY8_vJoPzwT0PhPr0hQ== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 07:10:04 GMT age: 83100 etag: "3bbc44cb84a37ce6a067db4301dd81647a77c29f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3905 Md5: 06723cdab42df9b5334f540a8c7ebc60 Sha1: 3bbc44cb84a37ce6a067db4301dd81647a77c29f Sha256: 9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "91A992B7BA3F10613BFB0278120B9962ECB424DB2418C929AC29A9D8D81D4D5F" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8015 Expires: Tue, 29 Nov 2022 08:28:39 GMT Date: Tue, 29 Nov 2022 06:15:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: adaddb1757d7b98e890bec01e610e90c Sha1: 9c6938bcd69b8fa8678719ba815b358399ce2a6b Sha256: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8402 x-amzn-requestid: d2d62f85-b6be-4394-9668-1d913e4120d8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cPYeaGbgoAMFdCA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6382d45c-2b6bfdcc72011cf01ddbd66b;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:08 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 1il1ILDPBUseZWYjae_R0BQhpdyPTqqI0GycCljovgxjqhYezCwxCA== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 04:17:21 GMT age: 7063 etag: "47295f2cf1b039c4b85cbe463d7893671a563989" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8402 Md5: faf3524970b0c3256eb5708f4ccf11ce Sha1: 47295f2cf1b039c4b85cbe463d7893671a563989 Sha256: ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9162 x-amzn-requestid: f7fb3b99-6f1c-4ab3-9547-a337d54e8c9a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cVjI8E9poAMFaQw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63854bd2-0679b83d1aa3b7c71aa6bf1c;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 00:01:22 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: DVS-FTO93p2gjrvMYzKgNjZmrPxmUuiJHWLuZqOMZzJFwEcWJbW35Q== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 00:36:14 GMT etag: "6567069d9f5199205ba1ca7a937fcb0a52f95d06" age: 20330 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9162 Md5: c808183085a429c53515508678fc7ab2 Sha1: 6567069d9f5199205ba1ca7a937fcb0a52f95d06 Sha256: c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9203 x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cHcHmGmQoAMF6dQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 03:49:48 GMT age: 8716 etag: "433061bbb226048765a711deca3026ee3e52372f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9203 Md5: 5d574c4db20a68295dbd06cb08f5990b Sha1: 433061bbb226048765a711deca3026ee3e52372f Sha256: 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3004 x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cPYcrFRXoAMFUJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 04:45:15 GMT age: 5389 etag: "035a1b4a2a7889787532ec2637d5c21e06daf672" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3004 Md5: 22e7d3e11e78242383e452adb9299016 Sha1: 035a1b4a2a7889787532ec2637d5c21e06daf672 Sha256: 990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /static/BAAA/3-1.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://her-cupid.com/static/BAAA/style.css Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/3-1.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 480 last-modified: Wed, 26 Sep 2018 08:25:30 GMT etag: "5bab427a-1e0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 480 Md5: 37ad09484eb1a7e103c1bba69ec3408d Sha1: 950c14767d959c154d2ba2ceaa7867b8809731e5 Sha256: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2
GET /static/BAAA/3-2.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://her-cupid.com/static/BAAA/style.css Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/3-2.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 535 last-modified: Wed, 26 Sep 2018 08:25:30 GMT etag: "5bab427a-217" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 535 Md5: 7621845db78d7540608060c63a721252 Sha1: b24bca5f9e3ca0daf6f0f4822d66febc5c65d169 Sha256: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1
GET /static/BAAA/fon-black-3.jpg HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://her-cupid.com/static/BAAA/style.css Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/fon-black-3.jpg FQDN: her-cupid.com IP: 54.39.22.228 HASH: 49e3ca223d626e90cdd7359a48a9cb992ec54cca5cc059a8e5347b61e55fda98 54.39.22.228 HTTP/2 200 OK content-type: image/jpeg server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 319308 last-modified: Wed, 26 Sep 2018 08:25:30 GMT etag: "5bab427a-4df4c" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data Size: 319308 Md5: f56a3caa703a84b5344c5c75aaed3364 Sha1: 10bec291e7266499c9f5d3142aaf4207480cfda7 Sha256: 49e3ca223d626e90cdd7359a48a9cb992ec54cca5cc059a8e5347b61e55fda98
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3974 Cache-Control: 'max-age=158059' Date: Tue, 29 Nov 2022 06:15:04 GMT Last-Modified: Tue, 29 Nov 2022 05:08:50 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: af25abbc1f9776cf78b07837dbea38a0 Sha1: 1883049bac2e92f8b3107f6435f00b83d8f4c117 Sha256: 663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: abd55ecd24d357a9f02612558f723a90 Sha1: 6a1e6963864f0b53ddc6205d35225e6cf0bcbeec Sha256: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1 Host: lh3.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1x (...) FQDN: lh3.google.com IP: 142.250.74.142 HASH: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb 142.250.74.142 HTTP/2 302 Found content-type: text/html; charset=UTF-8 location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en cache-control: private vary: Origin access-control-allow-origin: * timing-allow-origin: * x-content-type-options: nosniff date: Tue, 29 Nov 2022 06:15:04 GMT server: fife content-length: 337 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators Size: 337 Md5: 66a43eafe19fd2e9782007272dd06ced Sha1: 9d5112f8b4482ef224d10b0d0a17bfaf053e8e23 Sha256: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
GET /v14.0/plugins/like.php HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.facebook.com/v14.0/plugins/like.php FQDN: www.facebook.com IP: 31.13.72.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 31.13.72.36 HTTP/2 200 OK content-type: text/html;charset=utf-8 pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} cross-origin-opener-policy: same-origin-allow-popups x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: cHnk38ZsKXjXOHRx2DW4uK/fef45ILN3mf6CYsazWhwCCGJcy+Th3tagGe81iJB33QU3JD2uxb3yVIHyGZ6XOg== content-length: 0 date: Tue, 29 Nov 2022 06:15:04 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/BAAA/favicon-150x150.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/favicon-150x150.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 39df9ff9ca533925141252942c2ca3ab78abc75641923367d302c03352fe19e4 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 2634 last-modified: Tue, 04 Dec 2018 15:24:42 GMT etag: "5c069c3a-a4a" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 270 x 270, 8-bit gray+alpha, non-interlaced\012- data Size: 2634 Md5: a942a3268453194d872f5fd38f01d316 Sha1: d4a851f12cc7024050cbf7c99642004299e28a28 Sha256: 39df9ff9ca533925141252942c2ca3ab78abc75641923367d302c03352fe19e4
GET /static/BAAA/favicon-16x16.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/BAAA/favicon-16x16.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 5cfc3d8c5351ef79c974dceff85041ebea8aa490485fe14e38154fa6ecc4bf75 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 534 last-modified: Tue, 04 Dec 2018 15:24:42 GMT etag: "5c069c3a-216" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced\012- data Size: 534 Md5: 90514f324e67cbfeea03f20d8ee33928 Sha1: 32904715b4f1811c3fe9e6d74de7f46ea75f2c5b Sha256: 5cfc3d8c5351ef79c974dceff85041ebea8aa490485fe14e38154fa6ecc4bf75
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3974 Cache-Control: 'max-age=158059' Date: Tue, 29 Nov 2022 06:15:04 GMT Last-Modified: Tue, 29 Nov 2022 05:08:50 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: af25abbc1f9776cf78b07837dbea38a0 Sha1: 1883049bac2e92f8b3107f6435f00b83d8f4c117 Sha256: 663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: abd55ecd24d357a9f02612558f723a90 Sha1: 6a1e6963864f0b53ddc6205d35225e6cf0bcbeec Sha256: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 5b700cd09f0aa11ec03e2fe0cba0d92444cf70a880eecc5825e99636a6fbab4d 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 8f12114c5e4071a91936f049f8234c94 Sha1: 61ddffbc7f1154cc8a5fe6fabbd976fe71027d6f Sha256: 5b700cd09f0aa11ec03e2fe0cba0d92444cf70a880eecc5825e99636a6fbab4d
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: accounts.google.com/ServiceLogin?continue=https://lh3.g (...) FQDN: accounts.google.com IP: 216.58.207.237 HASH: 51e963947223babfe8d621a8a38d70d14f6a43a96ae25aac0a8be78bae7db59d 216.58.207.237 HTTP/2 302 Found content-type: text/html; charset=UTF-8 x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Tue, 29 Nov 2022 06:15:04 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S1593960072%3A1669702504789292&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvcxen_geR1KARp_-FkFhEAi6m5g5r5D32PhGHW2yLPRhlhXlEFD_WQ_Zar8SoF4FsnnimUZg strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-hffMb-eUefWvWqAsbOyXAg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 409 server: GSE set-cookie: __Host-GAPS=1:KvC1tIkqtiqUptbVqWJwcxU0tzi0fA:yaKvFYBEPtpkRgGh;Path=/;Expires=Thu, 28-Nov-2024 06:15:04 GMT;Secure;HttpOnly;Priority=HIGH alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (386) Size: 409 Md5: 0988f301de1c7658a946c992a3b8e599 Sha1: e42057dc14382be0ec00d19517ac2634e4bee61c Sha256: 51e963947223babfe8d621a8a38d70d14f6a43a96ae25aac0a8be78bae7db59d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: fb9ea3d68fe575be42dfe4252ddf347129dffd7ccc9c08b869143f64357e4053 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FB9EA3D68FE575BE42DFE4252DDF347129DFFD7CCC9C08B869143F64357E4053" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10987 Expires: Tue, 29 Nov 2022 09:18:11 GMT Date: Tue, 29 Nov 2022 06:15:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: e7fee1f4d892e610a07c70545daa3e00 Sha1: 95e2f76a90bd7cec50d8ccb44d3bff8cb53ae9e0 Sha256: fb9ea3d68fe575be42dfe4252ddf347129dffd7ccc9c08b869143f64357e4053
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3d42bc20c8dfa7bab1f6c641e44cd76438b4107c47a5b0e1d5d0a4e2125260ea 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4467 Cache-Control: max-age=139336 Date: Tue, 29 Nov 2022 06:15:04 GMT Etag: "63850f3d-139" Expires: Wed, 30 Nov 2022 20:57:20 GMT Last-Modified: Mon, 28 Nov 2022 19:42:53 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 313 --- Additional Info --- Magic: data Size: 313 Md5: 128d7b1137f2fe64e0aa7898bf7360b9 Sha1: e846ecb7135f92bf4342f2fdbf1b42cb713949fb Sha256: 3d42bc20c8dfa7bab1f6c641e44cd76438b4107c47a5b0e1d5d0a4e2125260ea
POST /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 174 Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.139.29 HASH: e36d05bc1c6c4d4e5eba2c1a9b1db525f7b8c2a88485aab44e5af076e77a23e2 172.64.139.29 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Tue, 29 Nov 2022 06:15:04 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RchqBI7UuUW%2FQFhu42NKNPr0%2BoJlbjJOVogHM4PM9mUAhpZS9EARpacC1qzIgx2PFesdJtcFUNxFCGTOLnXL71vyRV1ZgNf0W4I29r6IDMXbA6xjU1PILjtSaur3euIUndHE"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 771934eb9a5474c9-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (1940), with no line terminators Size: 798 Md5: b52b97526680e174c333ef573ae186f3 Sha1: 9b6ab438f58765ee216d7a5c4eeee191d7ec358b Sha256: e36d05bc1c6c4d4e5eba2c1a9b1db525f7b8c2a88485aab44e5af076e77a23e2
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pornhub.com/video/manage?o=mr&t=pr2 FQDN: pornhub.com IP: 66.254.114.41 HASH: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691 66.254.114.41 HTTP/2 301 Moved Permanently content-type: text/html server: openresty date: Tue, 29 Nov 2022 06:15:04 GMT content-length: 166 location: https://www.pornhub.com/video/manage?o=mr&t=pr2 x-frame-options: SAMEORIGIN set-cookie: __s=6385A368-42FE722901BB07BC-1A679782; Secure; Samesite=None __l=6385A368-42FE722901BB07BC-1A679782; Secure; Samesite=None; Max-Age=31556926 strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6385A368-42FE722901BB07BC-1A679782 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 166 Md5: 3ea1c8d079b38532a6e01a96216ba5e2 Sha1: 598d3ff91d3e252f1e13df8cf0348b270ff2da3f Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /premium/login?redirect=L8HpCxKj90g8Kj2D-bwATZJQiPT4gt3S56QTeGzRF0andqQG44enM2YPPARuJMpP HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=vi8u6v6cai99nkvnqkoajxedv8ghb05c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/premium/login?redirect=L8HpCxKj9 (...) FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: 5e8c504e9d9aa2b0ab9f5a767371721cac26e539213652410dd02802853bc14c 66.254.114.33 HTTP/1.1 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Tue, 29 Nov 2022 06:15:05 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 06:15:05 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Tue, 06-Dec-2022 06:15:05 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly ss=865693538151570184; expires=Wed, 29-Nov-2023 06:15:05 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly fg_0d2ec4cbd943df07ec161982a603817e=64710.100000; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6385A368-42FE722101BB9700-1A5A70DC --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404) Size: 7795 Md5: f9fa6f5d5fdb0bae5cc062ba82e09f3b Sha1: d0a9c7bf76c23322b280380c51871c267511f729 Sha256: 5e8c504e9d9aa2b0ab9f5a767371721cac26e539213652410dd02802853bc14c
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 06:15:05 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 07:48:04 GMT Expires: Sat, 03 Dec 2022 07:48:03 GMT Etag: "f66d108422d188602530372875d7beac8327ef5e" Cache-Control: max-age=350577,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 771934f09d6bb51e-OSL --- Additional Info --- Magic: data Size: 471 Md5: 00eea5bdd305068f54a53a0311504c7f Sha1: f66d108422d188602530372875d7beac8327ef5e Sha256: 28af17da166160f801c52c703e8ec618d58abfd20abc3c6fd22e65cb9a90b7d8
GET /favorite/90902157/mk_1123 HTTP/1.1 Host: www.xvideos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.xvideos.com/favorite/90902157/mk_1123 FQDN: www.xvideos.com IP: 185.88.181.8 HASH: 30a0fe398adb816d0651e3f2f195bde2c4763aee96824a31df422181f70fee39 185.88.181.8 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Date: Tue, 29 Nov 2022 06:15:05 GMT P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com .trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com .addthis.com .addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ .hwcdn.net fcm.googleapis.com .nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com .googleapis.com .cdn77.org .pingdom.net .exoclick.com .exosrv.com .realsrv.com .orbsrv.com .exdynsrv.com .ackcdn.net .afcdn.net .aucdn.net .adtng.com .adglare.net adinvent.engine.adglare.net .bngpt.com bngpt.com .trafficjunky.net .ohmybutt.com .flirt4free.com .xlovecam.com .wlresources.com .medleyads.com .cams.com .acdn5165543.com .protoawe.com .google-analytics.com livejasmin.com .livejasmin.com .jsmcrptjmp.com .awemwh.com .promo-bc.com .bongacams.com .bongacash.com .gammae.com .servingmillions.com .super-route.com cdn01.flashmediaportal.com engine.asf4f.us .htdvt.com .jerkmate.com .vfgtb.com .hytxg2.com .awemdia.com .cfgr3.com .ajxx98.online .sf4f.us .adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com .smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com .bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com .xxxjmp.com .feelpornx.com .crjugate.com .hqscene.com .xlviirdr.com adulttime.xxx .adulttime.xxx .javhd.com .doppiocdn.com .videosworks.com xlivrdr.com .xlivrdr.com .servetraff.com .adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us .livejasmin.com .jsmcrptjmp.com .awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com .hwcdn.net .trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com .nk-img.com .camster.com .vscdns.com .doubleclick.net .google.fr .google.com .exoclick.com .exosrv.com .realsrv.com .exdynsrv.com .ackcdn.net .afcdn.net *.aucdn.net bmedia.justservingfiles.net; Referrer-Policy: no-referrer-when-downgrade Set-Cookie: session_token=a30efb5cb6bd98fax2PtuFI85mWRIXwEm-AZyo6i2B2jx6tjklsGNJbXBADc4HULIf5vsXyWu3CeMoC_Cc-Ese8o9V1yFo5nxzlc5w1lHADX2XGR9dHeR6e5udlb0sDpoF9GebGB0rzk2kYRXuaWwEe4MYjn2AoW_-R1xSkfEXGTA9DKzPzXLPRWwX925iIY07FZNI660iSSVuDf; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=.xvideos.com _ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com Transfer-Encoding: chunked Server: nginx --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8644) Size: 25817 Md5: 7a0bf0fe1e30442ab7e4a670e2a6955c Sha1: 124a6a2036f5aef9cd2d44a0243ddf09091c7dbe Sha256: 30a0fe398adb816d0651e3f2f195bde2c4763aee96824a31df422181f70fee39
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/video/manage?o=mr&t=pr2 FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Tue, 29 Nov 2022 06:15:05 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 06:15:05 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Tue, 06-Dec-2022 06:15:05 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure bs=9ub7w1e8owtk614sj8m38fjwkaujlo7w; expires=Fri, 26-Nov-2032 06:15:05 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None ss=427806728152568087; expires=Wed, 29-Nov-2023 06:15:05 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=70744.100000; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=6385A368-42FE722901BB07BC-1A6797D0; Secure; Samesite=None __l=6385A368-42FE722901BB07BC-1A6797D0; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1041 location: /login vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6385A368-42FE722901BB07BC-1A6797D0 X-Firefox-Spdy: h2 --- Additional Info ---
GET /cdn/push.min.js HTTP/1.1 Host: cdnjam.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdnjam.com/cdn/push.min.js FQDN: cdnjam.com IP: 104.21.58.242 104.21.58.242 HTTP/2 200 OK content-type: application/x-javascript date: Tue, 29 Nov 2022 06:15:04 GMT content-security-policy: block-all-mixed-content etag: W/"44c9e373bc246e347c8420a2eb8f54d4" last-modified: Mon, 06 Jun 2022 20:30:35 GMT strict-transport-security: max-age=15724800; includeSubDomains vary: Origin, Accept-Encoding x-amz-request-id: 16F62D8C82243EE0 x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: max-age=14400 cf-cache-status: HIT age: 6490 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5udFnmxcoMK228hYUW7cdFyewZscesMYkVAabiD%2BuFaP7N2iFVp%2B95Bf2IJDfz0u3NbKbEFHkRtknABULJ7eBrHRcyFwmHaNHwT06SqpoeRP2ThzDtvobBfQXkPy"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 771934ea6d2db4f1-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /user-id?nbl=&impression=QOTdP2OFo2c&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FBAAA%2F10063%2Foth%3Fi%3DQOTdP2OFo2c%26u%3D3767906554830234470&search=%3Fi%3DQOTdP2OFo2c%26u%3D3767906554830234470&contactExists=false HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/user-id?nbl=&impression=QOTdP2OFo2c&trust (...) FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:04 GMT set-cookie: userid=2341c9e0a240506b039074bf6794620f9eea71cfec73cbd916833c1ed00ea4b7a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A136489852922%3B%7D; expires=Thu, 30-Nov-2023 02:31:44 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info ---
GET /login HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=9ub7w1e8owtk614sj8m38fjwkaujlo7w Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/login FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Tue, 29 Nov 2022 06:15:05 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Wed, 30-Nov-2022 06:15:05 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Tue, 06-Dec-2022 06:15:05 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure ss=199852943349722305; expires=Wed, 29-Nov-2023 06:15:05 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=16368.100000; expires=Thu, 29-Dec-2022 06:15:05 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=6385A369-42FE722901BB07BC-1A67980A; Secure; Samesite=None __l=6385A369-42FE722901BB07BC-1A67980A; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6385A369-42FE722901BB07BC-1A67980A X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 319 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_QOTdP2OFo2c=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJRT1RkUDJPRm8yYyIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0JBQUEvMTAwNjMvb3RoP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwic2VhcmNoIjoiP2k9UU9UZFAyT0ZvMmMmdT0zNzY3OTA2NTU0ODMwMjM0NDcwIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9LCJsdWlkIjoxMzY0ODk4NTI5MjJ9; userid=2341c9e0a240506b039074bf6794620f9eea71cfec73cbd916833c1ed00ea4b7a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A136489852922%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Nov 2022 06:15:05 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /v3/signin/identifier?dsh=S1593960072%3A1669702504789292&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvcxen_geR1KARp_-FkFhEAi6m5g5r5D32PhGHW2yLPRhlhXlEFD_WQ_Zar8SoF4FsnnimUZg HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: accounts.google.com/v3/signin/identifier?dsh=S159396007 (...) FQDN: accounts.google.com IP: 216.58.207.237 216.58.207.237 HTTP/2 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Tue, 29 Nov 2022 06:15:04 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= cross-origin-opener-policy-report-only: same-origin content-security-policy: script-src 'nonce-v_N1puLNmgsTXj2PIo8wRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---

Overview

Domain Summary (28)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.159.164

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: dateexotic.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (73)

Overview

Domain Summary (28)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.159.164

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: dateexotic.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (73)

Network Intrusion Detection Systems