urlquery - report: dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1=clear

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
js.sentry-cdn.com (1)	5259	2018-07-13 11:42:06 UTC	2022-11-29 20:54:43 UTC	151.101.194.217
ajax.googleapis.com (1)	12905	2013-08-16 09:51:31 UTC	2022-11-29 22:42:47 UTC	142.250.74.42
img-getpocket.cdn.mozilla.net (7)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
fonts.gstatic.com (2)	0	2014-09-09 00:40:21 UTC	2022-11-29 23:47:40 UTC	216.58.207.227	Domain (gstatic.com) ranked at: 540
her-cupid.com (25)	698724	2021-08-09 12:54:36 UTC	2022-11-30 01:10:09 UTC	54.39.22.228
dateexotic.com (3)	0	2020-10-21 10:51:18 UTC	2022-11-29 06:14:51 UTC	172.67.159.164	Unknown ranking
r3.o.lencr.org (9)	344	No data	No data	23.36.76.226
ocsp.pki.goog (13)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	216.58.211.3
www.facebook.com (1)	99	2012-05-21 00:23:41 UTC	2021-06-08 06:38:51 UTC	31.13.72.36
www.xvideos.com (1)	11464	2012-05-21 18:29:12 UTC	2020-03-18 14:38:47 UTC	185.88.181.10
accounts.google.com (2)	81	2016-09-05 09:39:47 UTC	2022-11-29 19:35:38 UTC	142.250.74.109
ocsp.sectigo.com (1)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	172.64.155.188
www.pornhub.com (2)	10781	2012-05-21 06:55:53 UTC	2020-05-05 12:49:23 UTC	66.254.114.41
alexatracker.com (1)	0	2020-10-28 18:44:06 UTC	2022-11-30 01:09:41 UTC	104.21.85.99	Unknown ranking
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	52.89.217.163
fonts.googleapis.com (2)	8877	2013-06-10 20:14:26 UTC	2022-11-29 19:24:13 UTC	142.250.74.106
www2.dateexotic.com (1)	0	2022-11-09 12:59:30 UTC	2022-11-29 23:55:35 UTC	104.21.34.109	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
app.api-push.com (2)	307671	2021-12-06 12:20:56 UTC	2022-11-29 23:55:37 UTC	172.64.138.29
www.pornhubpremium.com (2)	142013	2014-02-24 07:26:05 UTC	2020-04-11 12:46:17 UTC	66.254.114.33
e1.o.lencr.org (2)	6159	No data	No data	23.36.77.32
cdnjam.com (1)	204001	2021-02-18 07:53:51 UTC	2022-11-29 23:55:37 UTC	188.114.96.1
o65532.ingest.sentry.io (1)	747982	2022-06-02 01:41:52 UTC	2022-11-29 23:55:37 UTC	34.120.195.249
ocsp.digicert.com (6)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-29 17:14:13 UTC	34.102.187.140
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-29 17:10:57 UTC	34.117.237.239

Scan Date	Severity	Indicator	Comment
2022-11-30	2	dateexotic.com/static/js/build/bd.js	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-1.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-2.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-3.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-4.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-5.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-6.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-7.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-8.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-9.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-10.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-4.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-1.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-2.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-3.webp	Phishing
2022-11-30	2	her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-center-bottom-ql.webp	Phishing
2022-11-30	2	her-cupid.com/stats	Phishing
2022-11-30	2	her-cupid.com/stats	Phishing
2022-11-30	2	her-cupid.com/stats	Phishing
2022-11-30	2	her-cupid.com/stats	Phishing

Date	UQ / IDS / BL	URL	IP
2023-02-03 18:28:28 +0000	0 - 2 - 7	dateexotic.com/agEA?usid=2504fgn1d9370&email= (...)	104.21.34.109
2023-01-28 13:15:38 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=sr2f6b1ch1ln&email=s (...)	104.21.34.109
2023-01-23 06:31:47 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=3qd0rml1bnbp8&email= (...)	104.21.34.109
2023-01-22 22:04:56 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=3b0nm5a1bl9mr&email= (...)	104.21.34.109
2023-01-20 22:26:30 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=3k6dgk11b80oo&email= (...)	104.21.34.109

Date	UQ / IDS / BL	URL	IP
2023-02-05 04:28:15 +0000	0 - 2 - 0	s3.romsfast.com/3DS-DEC/Super%20Mario%203D%20 (...)	104.26.6.60
2023-02-05 04:26:38 +0000	0 - 2 - 1	1wtbi.top/	188.114.96.1
2023-02-05 04:25:56 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/10697873624496 (...)	162.159.129.233
2023-02-05 04:25:38 +0000	0 - 0 - 3	soft4led.com/wp-content/uploads/2022/12/how-t (...)	172.67.215.27
2023-02-05 04:25:06 +0000	0 - 4 - 0	www.merca20.com/auronplay-biyin-tweets-neonazis/	104.22.49.154

Date	UQ / IDS / BL	URL	IP
2023-02-04 08:53:50 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=23f307c1darmf&email= (...)	172.67.159.164
2023-02-03 18:28:28 +0000	0 - 2 - 7	dateexotic.com/agEA?usid=2504fgn1d9370&email= (...)	104.21.34.109
2023-01-31 11:04:43 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2phgvpv1csk2i&email= (...)	172.67.159.164
2023-01-31 08:08:53 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=2p9471t1crtqn&email= (...)	172.67.159.164
2023-01-28 13:15:38 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=sr2f6b1ch1ln&email=s (...)	104.21.34.109

Date	UQ / IDS / BL	URL	IP
2022-12-31 22:53:46 +0000	0 - 0 - 18	dateexotic.com/agEA?usid=3qkvrcf17p26l&email= (...)	104.21.34.109
2022-11-20 07:25:14 +0000	0 - 0 - 1	dateexotic.com/agEA?usid=3akts5h12km7n&email= (...)	104.21.34.109
2023-01-06 06:56:08 +0000	0 - 0 - 17	funkydaters.com/-QIA	172.67.218.62
2022-11-25 05:43:33 +0000	0 - 0 - 18	ry4a8c0w1wtest3.karpedicepna.tk/q3bCCwDV?keyw (...)	146.190.75.35
2022-11-22 04:36:49 +0000	0 - 0 - 21	2vy13nt28test3.tpagsanwouldcount.ml/q3bCCwDV? (...)	146.190.75.35

HTTP Transactions (91)

Request	Response
GET /agEA?usid=1inbv1613psk6&email=&sub1=clear_main&prid=1inbv1613psk6 HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1=clea (...) FQDN: dateexotic.com IP: 172.67.159.164 HASH: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0 172.67.159.164 HTTP/1.1 200 OK Content-Type: text/html Date: Wed, 30 Nov 2022 04:28:12 GMT Transfer-Encoding: chunked Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5Bme18kgPmMt0wo3sw3wTrVcANdgQB1zkxvAMzespKsBCZ369J4s4TpU1wIiVcTguuBjmeB5uUhYnZJ2oZKu4Hip6yZ%2FHedlMK1tDgU5R82CjOaTcugmpp3vxGueISJAg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7720d5c0da91b4f3-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 907 Md5: f644572248ce42c31779d65845c95277 Sha1: 6963b52cff901ae5ce3eb250820dcaef46cc9388 Sha256: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4276 Expires: Wed, 30 Nov 2022 05:39:28 GMT Date: Wed, 30 Nov 2022 04:28:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a5daf4dc99951793ae2315d4795e8146 Sha1: 4427507ca4d3a5632cc8f598afbc85e2195d00bd Sha256: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 390 Cache-Control: max-age=108569 Date: Wed, 30 Nov 2022 04:28:12 GMT Etag: "6385df6f-1d7" Expires: Thu, 01 Dec 2022 10:37:41 GMT Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 4ed065cb23b5fca1a179dd73b3c5b7b2 Sha1: 4422eb24688f5e056fc1b18b127c7f63b1dbf5e0 Sha256: b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9282 Expires: Wed, 30 Nov 2022 07:02:54 GMT Date: Wed, 30 Nov 2022 04:28:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9fce5679881bf302a8978a0b462f01a9 Sha1: b699fe030ea13ac73813e655c42ed9b531925e2b Sha256: a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 30 Nov 2022 04:17:59 GMT cache-control: public,max-age=3600 age: 613 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: ZxRbX+Wem3rWzmtyg59lYMpb0aGiIdCjKR2nDXgdOYbk/X7NmEIWLky11l8py35nXUo14x4sOE8= x-amz-request-id: 0Y76D1FE6W3K4XV5 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 30 Nov 2022 03:45:04 GMT age: 2588 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /static/js/build/bd.js HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1=clear_main&prid=1inbv1613psk6	URL: dateexotic.com/static/js/build/bd.js FQDN: dateexotic.com IP: 172.67.159.164 HASH: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b 172.67.159.164 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Date: Wed, 30 Nov 2022 04:28:12 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Ray: 7720d5c2db79b4f3-OSL Age: 95315 ETag: W/"static/js/build/bd.3ad9d77bdd.js" Vary: Accept-Encoding CF-Cache-Status: HIT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BZo8P81myRabQlp0MpMOgi20l3SLPWhxdp0k3t7pQHxA%2FZAzdnk8lDEHSucFchcDDbZh6eoHFbOizxM6togUpspTRSFm0eugCsa9g6s1BukybXyxAOXd4N53l8E9a1ARA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (8033) Size: 3571 Md5: 896fa747a8832e6a6ac72bbbcfc917f6 Sha1: 67dc40632c900a9f84280f0898b308b8a6b3e3a5 Sha256: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b Alerts: Blocklists: - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 30 Nov 2022 04:28:12 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: d45aec090dcb1e18f42ac3bd386d9c93e3d0170e89a87a209f9e73fabb5e5fdb 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "D45AEC090DCB1E18F42AC3BD386D9C93E3D0170E89A87A209F9E73FABB5E5FDB" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19641 Expires: Wed, 30 Nov 2022 09:55:33 GMT Date: Wed, 30 Nov 2022 04:28:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: a4bdf86d064dca1dccc0c21d57e8717b Sha1: 4bd1076613368773640f61cb0dfcea9289b6a5bc Sha256: d45aec090dcb1e18f42ac3bd386d9c93e3d0170e89a87a209f9e73fabb5e5fdb
GET /favicon.ico HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1=clear_main&prid=1inbv1613psk6	URL: dateexotic.com/favicon.ico FQDN: dateexotic.com IP: 172.67.159.164 HASH: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4 172.67.159.164 HTTP/1.1 200 OK Content-Type: image/gif Date: Wed, 30 Nov 2022 04:28:12 GMT Content-Length: 47 Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0wt72OX1efY9nnsWyVYUHuEgsa%2BEHeZLPRoD7HOSYNtaqpVbjkb%2Fp68jnqbcrt5aLCsXHFh4JNeJ1q0V7y2%2FJ9ucvpCnEvZI4RViAADAi%2BHpSy4pko2UttbPETy%2Buvj%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7720d5c43c5fb4f3-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 47 Md5: 2f3ca1d38e8b18ef00c4a0eff0889cfc Sha1: 2f28ed1ccf7c08cf22491757fe20385249db162e Sha256: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 30 Nov 2022 04:11:13 GMT cache-control: public,max-age=3600 age: 1020 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 373 Cache-Control: max-age=103488 Date: Wed, 30 Nov 2022 04:28:13 GMT Etag: "6385cba8-1d7" Expires: Thu, 01 Dec 2022 09:13:01 GMT Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 3c8c689bd654417640d85f3da51af313 Sha1: 85123b6d46230a23d03768bf304b386e5d301305 Sha256: 516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: d45aec090dcb1e18f42ac3bd386d9c93e3d0170e89a87a209f9e73fabb5e5fdb 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "D45AEC090DCB1E18F42AC3BD386D9C93E3D0170E89A87A209F9E73FABB5E5FDB" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19640 Expires: Wed, 30 Nov 2022 09:55:33 GMT Date: Wed, 30 Nov 2022 04:28:13 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: a4bdf86d064dca1dccc0c21d57e8717b Sha1: 4bd1076613368773640f61cb0dfcea9289b6a5bc Sha256: d45aec090dcb1e18f42ac3bd386d9c93e3d0170e89a87a209f9e73fabb5e5fdb
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: ca2ea28e8aa98581b4bb4d3cbf0129eb04bf318e4b694e03e69358c2636c6f31 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:13 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 211cba84ea56aec93ab90522f317e4c7 Sha1: 8f66789c99e752a6880eef9013ae8c68d5ebf240 Sha256: ca2ea28e8aa98581b4bb4d3cbf0129eb04bf318e4b694e03e69358c2636c6f31
GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xaW5idjE2MTNwc2s2JmVtYWlsPSZzdWIxPWNsZWFyX21haW4mcHJpZD0xaW5idjE2MTNwc2s2JmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=ff0a32b093664a3cc3f5775be352a61f HTTP/1.1 Host: alexatracker.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29 (...) FQDN: alexatracker.com IP: 104.21.85.99 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.85.99 HTTP/2 301 Moved Permanently date: Wed, 30 Nov 2022 04:28:13 GMT content-length: 0 location: https://www2.dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1=clear_main&prid=1inbv1613psk6&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=6885506135403977693&c=811598670 set-cookie: trbarid=6885506135403977693;expires=Fri, 29 Nov 2024 04:28:13 GMT;secure;HttpOnly;SameSite=None;path=/ report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zne2RXuhENoFlRZFh0%2BQJJIaS4OoGHX962rg0aWeC3%2BEOhnFw%2FpL%2BAUtgVSqoLDpicnFFyGZJLGNZFdh70B3azO%2F8rCkuPpIbX5C%2BvouV3qOAEYzIiEH63GWR5otujx2IyVG"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7720d5c81df2b4e8-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: ca2ea28e8aa98581b4bb4d3cbf0129eb04bf318e4b694e03e69358c2636c6f31 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:13 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 211cba84ea56aec93ab90522f317e4c7 Sha1: 8f66789c99e752a6880eef9013ae8c68d5ebf240 Sha256: ca2ea28e8aa98581b4bb4d3cbf0129eb04bf318e4b694e03e69358c2636c6f31
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: uD1+XoIMeEuWfO77RL0GvQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.89.217.163 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.89.217.163 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: +keVPztaVrUBB67dmOQPscEWkpc= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: b264f3e63f403d010f1661ae0498d1ec3212d45142085054a43d1d5ef7779f0e 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B264F3E63F403D010F1661AE0498D1EC3212D45142085054A43D1D5EF7779F0E" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7661 Expires: Wed, 30 Nov 2022 06:35:55 GMT Date: Wed, 30 Nov 2022 04:28:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 32dcaddc3949464535cee46b03cf58d9 Sha1: e3c913dd7c1f8cad36077ae722ff26d7af90fced Sha256: b264f3e63f403d010f1661ae0498d1ec3212d45142085054a43d1d5ef7779f0e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1 Host: js.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js FQDN: js.sentry-cdn.com IP: 151.101.194.217 HASH: c6288bbdd02874245a8d4bab2da8a57328ac0571b9e55c80903609155647d345 151.101.194.217 HTTP/2 200 OK content-type: text/javascript access-control-allow-origin: * cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 1; mode=block x-envoy-attempt-count: 1 x-envoy-upstream-service-time: 12 content-encoding: gzip accept-ranges: bytes date: Wed, 30 Nov 2022 04:28:14 GMT age: 106 x-served-by: getsentry-web-default-common-production-6745b975fc-nh6lj, cache-bma1639-BMA vary: Accept-Encoding timing-allow-origin: https://sentry.io strict-transport-security: max-age=31536000; includeSubDomains content-length: 1020 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (512) Size: 1020 Md5: deb34d7f2c87353155b469a5fe36ce3c Sha1: c008bc34f360a1bf8deb464e3a289dde267cd659 Sha256: c6288bbdd02874245a8d4bab2da8a57328ac0571b9e55c80903609155647d345
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10084 Expires: Wed, 30 Nov 2022 07:16:18 GMT Date: Wed, 30 Nov 2022 04:28:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10084 Expires: Wed, 30 Nov 2022 07:16:18 GMT Date: Wed, 30 Nov 2022 04:28:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10084 Expires: Wed, 30 Nov 2022 07:16:18 GMT Date: Wed, 30 Nov 2022 04:28:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js FQDN: ajax.googleapis.com IP: 142.250.74.42 HASH: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f 142.250.74.42 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31021 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 29 Nov 2022 21:57:45 GMT expires: Wed, 29 Nov 2023 21:57:45 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Fri, 08 May 2020 07:05:03 GMT age: 23429 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 31021 Md5: 903bc7a7e510f87aa5d0201eb59a0832 Sha1: ac9aa4dd94cde1bcba9037e94087138b127e41fc Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 2134d216a51ec415ecf5291b2e8b77f35fb2384f81ee6beb960724379ed8b64d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 132 Cache-Control: max-age=119805 Date: Wed, 30 Nov 2022 04:28:14 GMT Etag: "63860c57-116" Expires: Thu, 01 Dec 2022 13:44:59 GMT Last-Modified: Tue, 29 Nov 2022 13:42:47 GMT Server: ECS (amb/6BA2) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 02877c8019408a72ab0e61e687def77b Sha1: bb0b54de955f69994761b3130591887d033f4eef Sha256: 2134d216a51ec415ecf5291b2e8b77f35fb2384f81ee6beb960724379ed8b64d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12853 x-amzn-requestid: 25e4402d-98d0-4c38-a927-397c37724bea x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYhdpHAuIAMFweQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867c57-506672a36959d9ea09ef5155;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:39 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: gHL2sFE-o1u5kEIUiabbP6u5CXr3ihI4mKiAVkfReyuJuTF5k5ktSg== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:48 GMT age: 24206 etag: "151b60134a66305bd72dbb3810f67a57720b2af1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12853 Md5: e08af5b1d18986e112913c6e69cc8ce6 Sha1: 151b60134a66305bd72dbb3810f67a57720b2af1 Sha256: 555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ced71a5-36d7-45c9-b67b-df6c12c1a127.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 155552a78d298bb7f16b41375faf63037de17d1caee1a836bbd512c2e4e5d1fa 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6695 x-amzn-requestid: 870d0eb1-8aa0-40d0-a04c-5e2666b68720 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYhXTFWBIAMFfvQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867c2e-2f45c71127e5bebd660e6023;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:39:58 GMT x-amz-cf-pop: SEA19-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: aLGMz9pYDAK4vBIvhsnNa0T9F_r7kn6BFg9q5dT5Qv7PBG9jHgwGXA== via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:44 GMT age: 24210 etag: "0c3e4019730bae709f01d0fcbc6b4b0f20388c0f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6695 Md5: 7a8c2292c953e41a108b1ca1f83b5134 Sha1: 0c3e4019730bae709f01d0fcbc6b4b0f20388c0f Sha256: 155552a78d298bb7f16b41375faf63037de17d1caee1a836bbd512c2e4e5d1fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11466 x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYgDaHUxIAMFxWA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: s1eFJ0mtTFv3DFwwZ52JWOCDJWFA9IRiJ54L0JSkxzxFLnFIgts2CA== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:35 GMT etag: "49a82390cbf2139bf681d896f9467ab736e0b337" age: 24219 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11466 Md5: 0c14828912decf19c9d95fee93e92f00 Sha1: 49a82390cbf2139bf681d896f9467ab736e0b337 Sha256: bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9674 x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYgEoHVAoAMFvAQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:46 GMT etag: "53650399f9a986ba54addd668b4557109d12003b" age: 24208 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9674 Md5: 5508d05a290b663fd89ead9b58f2efd8 Sha1: 53650399f9a986ba54addd668b4557109d12003b Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 13195 x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYhGvHW6oAMFxgw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:49 GMT age: 24205 etag: "6004b4b7afd22dded903f026d245bc90a6706767" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13195 Md5: 9fb14804c284e300f976848e30396e9c Sha1: 6004b4b7afd22dded903f026d245bc90a6706767 Sha256: 1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8337 x-amzn-requestid: 88e6ec5a-6b04-4787-91e4-02f316d0d6e2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYhgYHViIAMFZrA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867c68-10f0d81a09c0ae930f6be726;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 8XATm-S2y3wzXWzJxgof2GIbXx_7WzuEMKrhI5By_tGaB8EiYeGkLg== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:59:07 GMT age: 23347 etag: "71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8337 Md5: 2cb669522a324cd5d9ba1b1743138d38 Sha1: 71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0 Sha256: a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
GET /css?family=Oswald:700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Oswald:700 FQDN: fonts.googleapis.com IP: 142.250.74.106 HASH: 24389dbd6d3a7f1104a82ea55b0e2df639dd71222fbc062fe041f4f32fcfce43 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 04:28:14 GMT date: Wed, 30 Nov 2022 04:28:14 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 968 Md5: b160ab43fb15cae51d31d21068c99901 Sha1: 1fe3a80f4c586e3083b202282bcc47d5196e171f Sha256: 24389dbd6d3a7f1104a82ea55b0e2df639dd71222fbc062fe041f4f32fcfce43
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 2134d216a51ec415ecf5291b2e8b77f35fb2384f81ee6beb960724379ed8b64d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 132 Cache-Control: max-age=119805 Date: Wed, 30 Nov 2022 04:28:14 GMT Etag: "63860c57-116" Expires: Thu, 01 Dec 2022 13:44:59 GMT Last-Modified: Tue, 29 Nov 2022 13:42:47 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 02877c8019408a72ab0e61e687def77b Sha1: bb0b54de955f69994761b3130591887d033f4eef Sha256: 2134d216a51ec415ecf5291b2e8b77f35fb2384f81ee6beb960724379ed8b64d
GET /cdn/push.min.js HTTP/1.1 Host: cdnjam.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdnjam.com/cdn/push.min.js FQDN: cdnjam.com IP: 188.114.96.1 HASH: 7ecccb4b333f683cafc0f43b23c94d10c945a68edab6dc833f017229930916fc 188.114.96.1 HTTP/2 200 OK content-type: application/x-javascript date: Wed, 30 Nov 2022 04:28:14 GMT content-security-policy: block-all-mixed-content etag: W/"44c9e373bc246e347c8420a2eb8f54d4" last-modified: Mon, 06 Jun 2022 20:30:35 GMT strict-transport-security: max-age=15724800; includeSubDomains vary: Origin, Accept-Encoding x-amz-request-id: 16F62D8C82243EE0 x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: max-age=14400 cf-cache-status: HIT age: 7008 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8Myid%2BSR7t0bzb0gXhbLEzKVK0MJCbqFnyyOaoWX0hi%2B8EUUGhJHvstgOfl9V3Yl%2BUK9%2FFt%2Bs5eUJNf0v%2FGurbZnYVkcmyOfpCgdl239%2BfHA7OMy3JJxjXYv8e0"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7720d5d0da91b511-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (36273) Size: 31228 Md5: 7820521d43ec5f486d25eaca7cd7cd5b Sha1: ffac9488ea955ac98f3d48bb59711a38c4bec7d0 Sha256: 7ecccb4b333f683cafc0f43b23c94d10c945a68edab6dc833f017229930916fc
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 49eee25f3ccd585a29e34e80cf5bb160 Sha1: 73eca8be91deedd049304862759a3d8084c0b07e Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 608e4d04a251ebcd51660e801f388303 Sha1: fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8 (...) FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 10172 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 28 Nov 2022 21:19:18 GMT expires: Tue, 28 Nov 2023 21:19:18 GMT cache-control: public, max-age=31536000 age: 112136 last-modified: Mon, 18 Jul 2022 19:23:34 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data Size: 10172 Md5: 58e5c92fd1a1fc89b8ca6d74ce4793b8 Sha1: 337771c465778aeed6de18195e0cbe9d9098d299 Sha256: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 608e4d04a251ebcd51660e801f388303 Sha1: fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm45 (...) FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30928 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 25 Nov 2022 06:30:11 GMT expires: Sat, 25 Nov 2023 06:30:11 GMT cache-control: public, max-age=31536000 age: 424684 last-modified: Mon, 11 Jul 2022 18:57:39 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Size: 30928 Md5: ac0d2859ea5f8fd6bcb3c305c08ec184 Sha1: 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "91A992B7BA3F10613BFB0278120B9962ECB424DB2418C929AC29A9D8D81D4D5F" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10429 Expires: Wed, 30 Nov 2022 07:22:04 GMT Date: Wed, 30 Nov 2022 04:28:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: adaddb1757d7b98e890bec01e610e90c Sha1: 9c6938bcd69b8fa8678719ba815b358399ce2a6b Sha256: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:15 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 608e4d04a251ebcd51660e801f388303 Sha1: fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.22.0 HTTP/1.1 Host: o65532.ingest.sentry.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://her-cupid.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://her-cupid.com Content-Length: 426 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: o65532.ingest.sentry.io/api/6161109/envelope/?sentry_ke (...) FQDN: o65532.ingest.sentry.io IP: 34.120.195.249 HASH: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a 34.120.195.249 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 30 Nov 2022 04:28:15 GMT content-length: 2 access-control-allow-origin: https://her-cupid.com access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error vary: Origin x-envoy-upstream-service-time: 0 strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 2 Md5: 99914b932bd37a50b983c5e7c90ae93b Sha1: bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "91A992B7BA3F10613BFB0278120B9962ECB424DB2418C929AC29A9D8D81D4D5F" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10429 Expires: Wed, 30 Nov 2022 07:22:04 GMT Date: Wed, 30 Nov 2022 04:28:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: adaddb1757d7b98e890bec01e610e90c Sha1: 9c6938bcd69b8fa8678719ba815b358399ce2a6b Sha256: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f
OPTIONS /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.64.138.29 HTTP/2 204 No Content date: Wed, 30 Nov 2022 04:28:15 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: content-type strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsN8CZHyZGM9zPI8KoxRcYyw2htYicPmD%2BVKWdEUQtWOT1Ti0T1uQttrFT6bPWCoZOKyqYMOk7%2BzwtMp6VoO1q0r8ygIIQ609dYhSFT5PMGc%2FRZg6HaZeN6DHwlz%2Fz5gDYuP"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7720d5d1dcff73f3-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/AwAA/images/en/pics-for-bg/pic-1.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-1.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: f35ed3356d652ea6a4a3a437d7b4d00cdfa5a766a2cc34ea994f4c814e754a6c 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 29802 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-746a" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29802 Md5: 89bed1df07d0561082775600a7b4dffc Sha1: c1456d2202279838618660a9405f480af3042b7d Sha256: f35ed3356d652ea6a4a3a437d7b4d00cdfa5a766a2cc34ea994f4c814e754a6c Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-2.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-2.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 63008d1cf81485851d5d2136644923f9a778fcf2a4e874e5ea718fc426a02fbc 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 29526 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7356" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29526 Md5: 7a14d6654f06cf115f1bfa361b6133f4 Sha1: be7c7984440b7fca15a2dba45e9727f83c7ed5a7 Sha256: 63008d1cf81485851d5d2136644923f9a778fcf2a4e874e5ea718fc426a02fbc Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-3.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-3.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 6bdae8b55844e8ca25ad6422da39ac01f362f3ffb3bb9c8b020cfaf0b146169e 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 31946 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7cca" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 31946 Md5: 0a776348771c52ebdedbae6aec1a21bb Sha1: 6b2d5183853987c743ae74bbb8d1977e91e58542 Sha256: 6bdae8b55844e8ca25ad6422da39ac01f362f3ffb3bb9c8b020cfaf0b146169e Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-4.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-4.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: dc893e9b7abe8a4ab2cfeb8924f833fcb43a16f560e1793e8fdb906e9a6aefbb 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 31114 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-798a" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 31114 Md5: 8ff3901573b3b7571c19f57460bd64ab Sha1: ab0478e05e29ceca93cce58fcc9e628287899fe9 Sha256: dc893e9b7abe8a4ab2cfeb8924f833fcb43a16f560e1793e8fdb906e9a6aefbb Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-5.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-5.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 47aedcc05f343844b3db56c484fb5c2821d3fa4985a405ac86febe1604f6d1e5 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 29010 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7152" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29010 Md5: d0be4db567029a82f6b2abb8a598047f Sha1: 54fc8433892867b4f1b04010fda6432bfc8dc672 Sha256: 47aedcc05f343844b3db56c484fb5c2821d3fa4985a405ac86febe1604f6d1e5 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-6.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-6.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: d9d36905a77e8ff1e9893c618aaa63770c83217ea01cf2744a0279d02ff0d568 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 27214 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-6a4e" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 27214 Md5: 212ab1ac3dd4c0571230527cd14608b5 Sha1: 5d095508ce1777610120bf7dff74eecab451c9d9 Sha256: d9d36905a77e8ff1e9893c618aaa63770c83217ea01cf2744a0279d02ff0d568 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/3-1.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/3-1.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 480 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-1e0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 480 Md5: 37ad09484eb1a7e103c1bba69ec3408d Sha1: 950c14767d959c154d2ba2ceaa7867b8809731e5 Sha256: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2
GET /static/AwAA/3-2.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/3-2.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 535 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-217" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 535 Md5: 7621845db78d7540608060c63a721252 Sha1: b24bca5f9e3ca0daf6f0f4822d66febc5c65d169 Sha256: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1
GET /static/AwAA/images/en/pics-for-bg/pic-7.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-7.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 43fc687f4ff9435f336a4c020dd653830c82c07a827b0cc78faae5be2076080d 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 20464 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-4ff0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 20464 Md5: 531177239b443129aa3c4a7df46587a0 Sha1: d10b5d62feac76a5023a60b1e858c152985ac781 Sha256: 43fc687f4ff9435f336a4c020dd653830c82c07a827b0cc78faae5be2076080d Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-8.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-8.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: fd71ee9e633f59c1218eb20e865121e1d0c51d31dfbe04d210ff54c2a5528ce3 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 32216 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7dd8" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 32216 Md5: ed47b38a109df684d6f47d847baba3ce Sha1: 42804d2a2f18ea6899033cb513ae25e2412be1da Sha256: fd71ee9e633f59c1218eb20e865121e1d0c51d31dfbe04d210ff54c2a5528ce3 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-9.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-9.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 411c4615e4d3d050066ef0ae6ef6e69e7702bc02c0c4e267b26076a47ffd14b2 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 49118 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-bfde" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 49118 Md5: 3d3e96d7abdf026fe492e7937f2a59cc Sha1: 890ba98493246b4ced8317ffb371e95596e630ce Sha256: 411c4615e4d3d050066ef0ae6ef6e69e7702bc02c0c4e267b26076a47ffd14b2 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-10.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-10.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 70894006834d4a2a1dcb6029cd29e86f14b9a7e03e8017304669ebd3d3bfec62 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 21094 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-5266" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 21094 Md5: b914513208055760188667de39db6716 Sha1: 04ae5f3be7a1c7bea6dd09cce098ee9edef554cb Sha256: 70894006834d4a2a1dcb6029cd29e86f14b9a7e03e8017304669ebd3d3bfec62 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-4.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-4.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: a78e89556b22804599224527cfe8273a6edbe84d3458e9fb582079addf86011b 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 1637252 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-18fb84" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1637252 Md5: 10d4826a92e3fc1e4dbbf0be274bc061 Sha1: 9f4c667c8d1000c30789dc1f9b837803096b5b4f Sha256: a78e89556b22804599224527cfe8273a6edbe84d3458e9fb582079addf86011b Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-1.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-1.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 085be44516153804017cb6d998e5b39372a7caa480593c80f97c2c24dfab3de8 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 1270992 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-1364d0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1270992 Md5: 6e76e71ebf7277bce1079af604723e23 Sha1: c8fcbea450f77451ce8a6709c54c979e70507ca1 Sha256: 085be44516153804017cb6d998e5b39372a7caa480593c80f97c2c24dfab3de8 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-2.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-2.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: f8e38aed3d19c1771bafe0bab8e336732fcf527dae61034e4c25c66251a170ea 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 2464052 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-259934" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 2464052 Md5: 5ea931f6f8f26a124460551efe002ac4 Sha1: 36e800547ef0feaa5d7a7ac69e5a24b66c81f907 Sha256: f8e38aed3d19c1771bafe0bab8e336732fcf527dae61034e4c25c66251a170ea Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-3.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-3.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 12a310bfa2100acb12ae355b75594e42bed1e75d693778c26f1842ba5a26da04 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 1640424 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-1907e8" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1640424 Md5: c2c8cf2a99d71b95804d661f795b5ce9 Sha1: 5ca43250f3c7bc1a67295381f430df71bffa3a6f Sha256: 12a310bfa2100acb12ae355b75594e42bed1e75d693778c26f1842ba5a26da04 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-center-bottom-ql.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-cen (...) FQDN: her-cupid.com IP: 54.39.22.228 HASH: d977d9f29ccba9faae1ffea2dd6b1fa30a8194abe92cec1a4c2fee8dbca18e13 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 1031120 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-fbbd0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1031120 Md5: ed3e40b68948820502bbf1716eae56b2 Sha1: 50ae8497f4d8bea52c4cb2c0177bc5be25c8b263 Sha256: d977d9f29ccba9faae1ffea2dd6b1fa30a8194abe92cec1a4c2fee8dbca18e13 Alerts: Blocklists: - fortinet: Phishing
GET /AwAA/10040/oth?i=P5F1b2OG294&u=6885506135403977693 HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: her-cupid.com/AwAA/10040/oth?i=P5F1b2OG294&u=6885506135 (...) FQDN: her-cupid.com IP: 54.39.22.228 HASH: d5db80f6794a32124fcb889da2c3f35f815ed4c15b267c53f833601cf4032696 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT access-control-allow-origin: * x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 11027 Md5: d278dc97a7d99e35283b67984524f6da Sha1: b5668dc33f318004c547a8efdd86f41a0cd0c08e Sha256: d5db80f6794a32124fcb889da2c3f35f815ed4c15b267c53f833601cf4032696
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: cd528f6c2c45e38c52095a73a9cd8c68 Sha1: dca2df874a830edac932136d474453c18d933024 Sha256: 4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 310 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 HASH: 2f24612c82ee38ff338f69e4b8ca32c3f0084d5bcacd580223bb0f8fa5e6cefb 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:15 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 357 Md5: 3b95a569e1d2a2c5688b8605da46c25e Sha1: 8de7c19e20f18fb5eb41adc6674cfef8b23975d0 Sha256: 2f24612c82ee38ff338f69e4b8ca32c3f0084d5bcacd580223bb0f8fa5e6cefb Alerts: Blocklists: - fortinet: Phishing
GET /v14.0/plugins/like.php HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.facebook.com/v14.0/plugins/like.php FQDN: www.facebook.com IP: 31.13.72.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 31.13.72.36 HTTP/2 200 OK content-type: text/html;charset=utf-8 pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} cross-origin-opener-policy: same-origin-allow-popups x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: MXG9hJjHbJjQpa20IYrRYFE8ZghQpBNhVoY5Udt0kpa6FXckCyF94hrpjPCCpz3AYqSzwd5w84Lo1s//h8MJnQ== content-length: 0 date: Wed, 30 Nov 2022 04:28:16 GMT priority: u=3,i alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/AwAA/favicon-150x150.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/favicon-150x150.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 97a873b3ce2ab69cc38287181a190dcd90c09869c0901b5d75e8461f628bef78 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT content-length: 7017 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-1b69" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Size: 7017 Md5: f19d6f44b496c9dedce8b96bd0f5f829 Sha1: c887ac358a0c8d6979f8b67013954aa8cf4ab1c8 Sha256: 97a873b3ce2ab69cc38287181a190dcd90c09869c0901b5d75e8461f628bef78
GET /static/AwAA/favicon-16x16.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/favicon-16x16.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT content-length: 1264 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-4f0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 1264 Md5: fa61744c0140328a533d26bc93753134 Sha1: ea2b1d32e78280d8207a32aa6214263db134123e Sha256: 2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 434 Cache-Control: max-age=104964 Date: Wed, 30 Nov 2022 04:28:16 GMT Etag: "6385d132-1d7" Expires: Thu, 01 Dec 2022 09:37:40 GMT Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: c3c6fcc1a6ec6e438b371359a220d437 Sha1: 646d2c502eb3579d0c394dbdd16ef10f60f43063 Sha256: 5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: abd55ecd24d357a9f02612558f723a90 Sha1: 6a1e6963864f0b53ddc6205d35225e6cf0bcbeec Sha256: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: d786acd565665c5d7c3c43e1ec737a20f8ed2a2467bff7758cc9cbb199e602d5 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: a67f152254e0a2cfaf6ba5e5e51d9ae4 Sha1: 6ddc5ee596d0469d4d5f0bbcd1918677019337b4 Sha256: d786acd565665c5d7c3c43e1ec737a20f8ed2a2467bff7758cc9cbb199e602d5
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: accounts.google.com/ServiceLogin?continue=https://lh3.g (...) FQDN: accounts.google.com IP: 142.250.74.109 HASH: ce5fce8ca24bacb531d17a7972f322adbd8f8ad2fb2928437a6f184f0d96a6b3 142.250.74.109 HTTP/2 302 Found content-type: text/html; charset=UTF-8 x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Wed, 30 Nov 2022 04:28:16 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S-553091906%3A1669782496203763&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAuFSRzWYFjsqvnoTeqIaIeodWRzttui__TdgBSTd5_wShkbiAzWfv-wEZ2z3mK1v0qvRX2q strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: script-src 'nonce-jSXS7Wn9Vr752W_8Uqsd9w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 405 server: GSE set-cookie: __Host-GAPS=1:Hy3Bcr_LzdbBxtaibwKpPxWes1lVIQ:mGJrt9vFN1GfDkVZ;Path=/;Expires=Fri, 29-Nov-2024 04:28:16 GMT;Secure;HttpOnly;Priority=HIGH alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384) Size: 405 Md5: 700050577d6ac338206f885dd2ed458b Sha1: a977b4c3aa7d7a26a257ac4a73e02965acbb7aa3 Sha256: ce5fce8ca24bacb531d17a7972f322adbd8f8ad2fb2928437a6f184f0d96a6b3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: ee3d85563851f3d3032c6c0d4eb76e3d7f987e9f239ccba84ad9105e2ed2fc4a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 402 Cache-Control: 'max-age=158059' Date: Wed, 30 Nov 2022 04:28:16 GMT Last-Modified: Wed, 30 Nov 2022 04:21:34 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 313 --- Additional Info --- Magic: data Size: 313 Md5: b3c67996d24e677f32e223785b85f1de Sha1: f830088a52e62dc7cbb331e0bc0088bc7157fcf0 Sha256: ee3d85563851f3d3032c6c0d4eb76e3d7f987e9f239ccba84ad9105e2ed2fc4a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 7be6066aa3576b349ecb2d672c143065739f8e6101b4fbeea64fac2ece68c73d 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7BE6066AA3576B349ECB2D672C143065739F8E6101B4FBEEA64FAC2ECE68C73D" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10420 Expires: Wed, 30 Nov 2022 07:21:56 GMT Date: Wed, 30 Nov 2022 04:28:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f26a8330c6c44426f6acf21c005b3f57 Sha1: 86cb19a53321546f23f0c38b511a764402c69083 Sha256: 7be6066aa3576b349ecb2d672c143065739f8e6101b4fbeea64fac2ece68c73d
GET /v3/signin/identifier?dsh=S-553091906%3A1669782496203763&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAuFSRzWYFjsqvnoTeqIaIeodWRzttui__TdgBSTd5_wShkbiAzWfv-wEZ2z3mK1v0qvRX2q HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: accounts.google.com/v3/signin/identifier?dsh=S-55309190 (...) FQDN: accounts.google.com IP: 142.250.74.109 HASH: bc8fdcd1480bcf2de84bdf6d3b4ba02b0232dd9128f70392af102ff6a5d975bc 142.250.74.109 HTTP/2 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Wed, 30 Nov 2022 04:28:16 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]} content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-UVE2_AqXs5r7UF7q5cbzRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi" permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 971 Md5: f0222fa75efefbc6d227916e135edde9 Sha1: 7dd4420875e466c13fc46e967ff01f1acc4d6e9a Sha256: bc8fdcd1480bcf2de84bdf6d3b4ba02b0232dd9128f70392af102ff6a5d975bc
GET /user/security/1111 HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/user/security/1111 FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 66.254.114.33 HTTP/1.1 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Wed, 30 Nov 2022 04:28:16 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Thu, 01-Dec-2022 04:28:16 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Wed, 07-Dec-2022 04:28:16 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly bs=ogfpd2rff9z7dbhmsscy4wcnobt0kgv3; expires=Sat, 27-Nov-2032 04:28:16 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None ss=117391306712697110; expires=Thu, 30-Nov-2023 04:28:16 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1026 location: https://www.pornhubpremium.com/premium/login?redirect=f9UcuDBziQ6NJXNYWPKF9qc-YJYxx-o_Xk4YpTC5Or1egNDTaXp_Xg5Z0lxcbOu7 x-frame-options: SAMEORIGIN vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6386DBE0-42FE722101BB6485-3D63DC2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /premium/login?redirect=f9UcuDBziQ6NJXNYWPKF9qc-YJYxx-o_Xk4YpTC5Or1egNDTaXp_Xg5Z0lxcbOu7 HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=ogfpd2rff9z7dbhmsscy4wcnobt0kgv3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/premium/login?redirect=f9UcuDBzi (...) FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: 6ed60845aa8e0a96e6ccef88278b75e16ec83b88d2904c408a999eb95499a480 66.254.114.33 HTTP/1.1 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Wed, 30 Nov 2022 04:28:16 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Thu, 01-Dec-2022 04:28:16 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Wed, 07-Dec-2022 04:28:16 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly ss=583987794562461368; expires=Thu, 30-Nov-2023 04:28:16 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly fg_0d2ec4cbd943df07ec161982a603817e=40288.100000; expires=Fri, 30-Dec-2022 04:28:16 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Fri, 30-Dec-2022 04:28:16 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6386DBE0-42FE722101BB6485-3D63DFF --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404) Size: 7798 Md5: 4ea6e4063e81ed071b454dde3bb6c485 Sha1: 6c18ecf763df67a07f4c5325e1848fb579be4911 Sha256: 6ed60845aa8e0a96e6ccef88278b75e16ec83b88d2904c408a999eb95499a480
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: aac788858896764aa56cb38eb0e14d61674885f70ae5d217f548a52e6e5c1a43 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:16 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 19:48:07 GMT Expires: Tue, 06 Dec 2022 19:48:06 GMT Etag: "e059008669e4d6be11426abb9ad005c743900e80" Cache-Control: max-age=572989,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7720d5da6a0ab515-OSL --- Additional Info --- Magic: data Size: 471 Md5: 219f8629d07ce15c2074cf6cccfc7d76 Sha1: e059008669e4d6be11426abb9ad005c743900e80 Sha256: aac788858896764aa56cb38eb0e14d61674885f70ae5d217f548a52e6e5c1a43
GET /favorite/90902157/mk_1123 HTTP/1.1 Host: www.xvideos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.xvideos.com/favorite/90902157/mk_1123 FQDN: www.xvideos.com IP: 185.88.181.10 HASH: 52971bc1d14dc31dc8b57a7b253459ea4c97513ef908aebf168fda7df2b7148e 185.88.181.10 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Date: Wed, 30 Nov 2022 04:28:16 GMT P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com .trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com .addthis.com .addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ .hwcdn.net fcm.googleapis.com .nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com .googleapis.com .cdn77.org .pingdom.net .exoclick.com .exosrv.com .realsrv.com .orbsrv.com .exdynsrv.com .ackcdn.net .afcdn.net .aucdn.net .adtng.com .adglare.net adinvent.engine.adglare.net .bngpt.com bngpt.com .trafficjunky.net .ohmybutt.com .flirt4free.com .xlovecam.com .wlresources.com .medleyads.com .cams.com .acdn5165543.com .protoawe.com .google-analytics.com livejasmin.com .livejasmin.com .jsmcrptjmp.com .awemwh.com .promo-bc.com .bongacams.com .bongacash.com .gammae.com .servingmillions.com .super-route.com cdn01.flashmediaportal.com engine.asf4f.us .htdvt.com .jerkmate.com .vfgtb.com .hytxg2.com .awemdia.com .cfgr3.com .ajxx98.online .sf4f.us .adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com .smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com .bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com .xxxjmp.com .feelpornx.com .crjugate.com .hqscene.com .xlviirdr.com adulttime.xxx .adulttime.xxx .javhd.com .doppiocdn.com .videosworks.com xlivrdr.com .xlivrdr.com .servetraff.com .adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us .livejasmin.com .jsmcrptjmp.com .awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com .hwcdn.net .trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com .nk-img.com .camster.com .vscdns.com .doubleclick.net .google.fr .google.com .exoclick.com .exosrv.com .realsrv.com .exdynsrv.com .ackcdn.net .afcdn.net *.aucdn.net bmedia.justservingfiles.net; Referrer-Policy: no-referrer-when-downgrade Set-Cookie: session_token=712c6f8bda7f0709aPR-sqVGDdJPcoKzUOiNoEQqNf7KGne0URaAnhZWXx8k-nCulSrAV_rOMr3BtfrzKMVze5DdG1t-YyyrSDfTValMo76omi9wuicgnoQdcpPRUcoiP92creTuqEHR664MIig5Yrk--zYCdb908YhHFifrHhJMZDRTcWmythNR4F5qZTIpnTJVGgniu9ikftKX; expires=Fri, 30-Dec-2022 04:28:16 GMT; Max-Age=2592000; path=/; domain=.xvideos.com _ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com Transfer-Encoding: chunked Server: nginx --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8648) Size: 25869 Md5: 73703bbbbb46eaa81a50dee3e2c74ebc Sha1: 9eb0098dab8debfa57f0df7c65b6d504798c15b7 Sha256: 52971bc1d14dc31dc8b57a7b253459ea4c97513ef908aebf168fda7df2b7148e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8af12b89-c1a0-4a2a-aa29-cd6dea02f435.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 272c867dcc37d97f8682e8f3aa11a567a401b4d4d78e890b0eb94a3c77ea5000 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8288 x-amzn-requestid: 8b48ce45-1c30-4ea3-8cef-bf3b2e7f106f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYgEgFcUIAMFkSg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867a1c-20e896a62338c6dc45c1ca2a;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:08 GMT x-amz-cf-pop: SEA19-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 0bNBjOUnEjVgDrhXO2wYnfemT_030w9kk747Zk9-DTeI0UB-lV073g== via: 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:26 GMT age: 24235 etag: "268e6202466941e612ff503835de9091ef4d5b38" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8288 Md5: 2cd563ab005d968185c8d000e38b88c2 Sha1: 268e6202466941e612ff503835de9091ef4d5b38 Sha256: 272c867dcc37d97f8682e8f3aa11a567a401b4d4d78e890b0eb94a3c77ea5000
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 318 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaCI6ImZhbHNlIn0sImx1aWQiOjQ2OTcyOTg3MzI3OH0=; userid=f849d16bd0e527a0be60b3388fd9bd15b57f531d3f3b5ae7629b88d71be7ded0a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A469729873278%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/video/manage?o=mr&t=pr2 FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Wed, 30 Nov 2022 04:28:16 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Thu, 01-Dec-2022 04:28:16 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Wed, 07-Dec-2022 04:28:16 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure bs=7ijwoksnu4edsvejymz23upb7y8tovzl; expires=Sat, 27-Nov-2032 04:28:16 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None ss=637571349125944923; expires=Thu, 30-Nov-2023 04:28:16 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=42398.100000; expires=Fri, 30-Dec-2022 04:28:16 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=6386DBE0-42FE722901BB6485-3D63DF8; Secure; Samesite=None __l=6386DBE0-42FE722901BB6485-3D63DF8; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1041 location: /login vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6386DBE0-42FE722901BB6485-3D63DF8 X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 365 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoibG9hZCIsImRhdGEiOnsicmVzcG9uc2VTdGFydCI6MTgzNiwiZG9tSW50ZXJhY3RpdmUiOjIyMjcsImRvbUNvbXBsZXRlIjozNTc4fX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 319 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9LCJsdWlkIjo0Njk3Mjk4NzMyNzh9; userid=f849d16bd0e527a0be60b3388fd9bd15b57f531d3f3b5ae7629b88d71be7ded0a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A469729873278%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /agEA?usid=1inbv1613psk6&email=&sub1=clear_main&prid=1inbv1613psk6&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1 Host: www2.dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://dateexotic.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www2.dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1 (...) FQDN: www2.dateexotic.com IP: 104.21.34.109 104.21.34.109 HTTP/2 302 Found content-type: text/html; charset=UTF-8 date: Wed, 30 Nov 2022 04:28:13 GMT location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xaW5idjE2MTNwc2s2JmVtYWlsPSZzdWIxPWNsZWFyX21haW4mcHJpZD0xaW5idjE2MTNwc2s2JmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=ff0a32b093664a3cc3f5775be352a61f access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oosTCpQs%2F2%2BhU6JYJGyUKlDQoJYPd4WQLYilW9QV1TdG6G2k1ZfcB5DMnpSTRkUQiW88m1CAID%2F1iNiMVlI3WruucaqC7pSwfxeA56S4YBeWL399hc7oZGQYikqir%2B11PA7cJ%2B6n"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7720d5c3f93fb51d-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
POST /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 174 Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 172.64.138.29 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Wed, 30 Nov 2022 04:28:15 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTRqcxz95moGC0R0PLj1HlB2dBStaezVW1rRJDC97HG0MbNlpr83wixctkmeZ6CIZbGCOkwXFGuEJ2otszoWGjl0UFKMU976qmcJcbGbDEK7UNT0zkHlH7ikGtHm441zbXyG"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7720d5d28d4d73f3-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Montserrat:100,400,700,900 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Montserrat:100,400,700,900 FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 04:28:14 GMT date: Wed, 30 Nov 2022 04:28:14 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /user-id?nbl=&impression=P5F1b2OG294&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FAwAA%2F10040%2Foth%3Fi%3DP5F1b2OG294%26u%3D6885506135403977693&search=%3Fi%3DP5F1b2OG294%26u%3D6885506135403977693&contactExists=false HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/user-id?nbl=&impression=P5F1b2OG294&trust (...) FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT set-cookie: userid=f849d16bd0e527a0be60b3388fd9bd15b57f531d3f3b5ae7629b88d71be7ded0a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A469729873278%3B%7D; expires=Fri, 01-Dec-2023 00:44:56 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info ---
GET /login HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=7ijwoksnu4edsvejymz23upb7y8tovzl Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/login FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Wed, 30 Nov 2022 04:28:16 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Thu, 01-Dec-2022 04:28:16 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Wed, 07-Dec-2022 04:28:16 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure ss=420445882268753077; expires=Thu, 30-Nov-2023 04:28:16 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=43563.100000; expires=Fri, 30-Dec-2022 04:28:16 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=6386DBE0-42FE722901BB6485-3D63E30; Secure; Samesite=None __l=6386DBE0-42FE722901BB6485-3D63E30; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6386DBE0-42FE722901BB6485-3D63E30 X-Firefox-Spdy: h2 --- Additional Info ---

URL	dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1=clear_main&prid=1inbv1613psk6
IP	104.21.34.109 ()
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-30 04:28:25 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	20
urlquery alerts	No alerts detected
Tags	None

Request	Response
GET /agEA?usid=1inbv1613psk6&email=&sub1=clear_main&prid=1inbv1613psk6 HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1=clea (...) FQDN: dateexotic.com IP: 172.67.159.164 HASH: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0 172.67.159.164 HTTP/1.1 200 OK Content-Type: text/html Date: Wed, 30 Nov 2022 04:28:12 GMT Transfer-Encoding: chunked Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5Bme18kgPmMt0wo3sw3wTrVcANdgQB1zkxvAMzespKsBCZ369J4s4TpU1wIiVcTguuBjmeB5uUhYnZJ2oZKu4Hip6yZ%2FHedlMK1tDgU5R82CjOaTcugmpp3vxGueISJAg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7720d5c0da91b4f3-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 907 Md5: f644572248ce42c31779d65845c95277 Sha1: 6963b52cff901ae5ce3eb250820dcaef46cc9388 Sha256: 0dc593a03650815982744fed9471b72fdd89137793aa69f02ed7feadc6b9d0f0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4276 Expires: Wed, 30 Nov 2022 05:39:28 GMT Date: Wed, 30 Nov 2022 04:28:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a5daf4dc99951793ae2315d4795e8146 Sha1: 4427507ca4d3a5632cc8f598afbc85e2195d00bd Sha256: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 390 Cache-Control: max-age=108569 Date: Wed, 30 Nov 2022 04:28:12 GMT Etag: "6385df6f-1d7" Expires: Thu, 01 Dec 2022 10:37:41 GMT Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 4ed065cb23b5fca1a179dd73b3c5b7b2 Sha1: 4422eb24688f5e056fc1b18b127c7f63b1dbf5e0 Sha256: b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9282 Expires: Wed, 30 Nov 2022 07:02:54 GMT Date: Wed, 30 Nov 2022 04:28:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9fce5679881bf302a8978a0b462f01a9 Sha1: b699fe030ea13ac73813e655c42ed9b531925e2b Sha256: a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 30 Nov 2022 04:17:59 GMT cache-control: public,max-age=3600 age: 613 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: ZxRbX+Wem3rWzmtyg59lYMpb0aGiIdCjKR2nDXgdOYbk/X7NmEIWLky11l8py35nXUo14x4sOE8= x-amz-request-id: 0Y76D1FE6W3K4XV5 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 30 Nov 2022 03:45:04 GMT age: 2588 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /static/js/build/bd.js HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1=clear_main&prid=1inbv1613psk6	URL: dateexotic.com/static/js/build/bd.js FQDN: dateexotic.com IP: 172.67.159.164 HASH: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b 172.67.159.164 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Date: Wed, 30 Nov 2022 04:28:12 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Ray: 7720d5c2db79b4f3-OSL Age: 95315 ETag: W/"static/js/build/bd.3ad9d77bdd.js" Vary: Accept-Encoding CF-Cache-Status: HIT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BZo8P81myRabQlp0MpMOgi20l3SLPWhxdp0k3t7pQHxA%2FZAzdnk8lDEHSucFchcDDbZh6eoHFbOizxM6togUpspTRSFm0eugCsa9g6s1BukybXyxAOXd4N53l8E9a1ARA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (8033) Size: 3571 Md5: 896fa747a8832e6a6ac72bbbcfc917f6 Sha1: 67dc40632c900a9f84280f0898b308b8a6b3e3a5 Sha256: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b Alerts: Blocklists: - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 30 Nov 2022 04:28:12 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: d45aec090dcb1e18f42ac3bd386d9c93e3d0170e89a87a209f9e73fabb5e5fdb 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "D45AEC090DCB1E18F42AC3BD386D9C93E3D0170E89A87A209F9E73FABB5E5FDB" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19641 Expires: Wed, 30 Nov 2022 09:55:33 GMT Date: Wed, 30 Nov 2022 04:28:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: a4bdf86d064dca1dccc0c21d57e8717b Sha1: 4bd1076613368773640f61cb0dfcea9289b6a5bc Sha256: d45aec090dcb1e18f42ac3bd386d9c93e3d0170e89a87a209f9e73fabb5e5fdb
GET /favicon.ico HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1=clear_main&prid=1inbv1613psk6	URL: dateexotic.com/favicon.ico FQDN: dateexotic.com IP: 172.67.159.164 HASH: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4 172.67.159.164 HTTP/1.1 200 OK Content-Type: image/gif Date: Wed, 30 Nov 2022 04:28:12 GMT Content-Length: 47 Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0wt72OX1efY9nnsWyVYUHuEgsa%2BEHeZLPRoD7HOSYNtaqpVbjkb%2Fp68jnqbcrt5aLCsXHFh4JNeJ1q0V7y2%2FJ9ucvpCnEvZI4RViAADAi%2BHpSy4pko2UttbPETy%2Buvj%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7720d5c43c5fb4f3-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 47 Md5: 2f3ca1d38e8b18ef00c4a0eff0889cfc Sha1: 2f28ed1ccf7c08cf22491757fe20385249db162e Sha256: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 30 Nov 2022 04:11:13 GMT cache-control: public,max-age=3600 age: 1020 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 373 Cache-Control: max-age=103488 Date: Wed, 30 Nov 2022 04:28:13 GMT Etag: "6385cba8-1d7" Expires: Thu, 01 Dec 2022 09:13:01 GMT Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 3c8c689bd654417640d85f3da51af313 Sha1: 85123b6d46230a23d03768bf304b386e5d301305 Sha256: 516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: d45aec090dcb1e18f42ac3bd386d9c93e3d0170e89a87a209f9e73fabb5e5fdb 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "D45AEC090DCB1E18F42AC3BD386D9C93E3D0170E89A87A209F9E73FABB5E5FDB" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19640 Expires: Wed, 30 Nov 2022 09:55:33 GMT Date: Wed, 30 Nov 2022 04:28:13 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: a4bdf86d064dca1dccc0c21d57e8717b Sha1: 4bd1076613368773640f61cb0dfcea9289b6a5bc Sha256: d45aec090dcb1e18f42ac3bd386d9c93e3d0170e89a87a209f9e73fabb5e5fdb
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: ca2ea28e8aa98581b4bb4d3cbf0129eb04bf318e4b694e03e69358c2636c6f31 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:13 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 211cba84ea56aec93ab90522f317e4c7 Sha1: 8f66789c99e752a6880eef9013ae8c68d5ebf240 Sha256: ca2ea28e8aa98581b4bb4d3cbf0129eb04bf318e4b694e03e69358c2636c6f31
GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xaW5idjE2MTNwc2s2JmVtYWlsPSZzdWIxPWNsZWFyX21haW4mcHJpZD0xaW5idjE2MTNwc2s2JmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=ff0a32b093664a3cc3f5775be352a61f HTTP/1.1 Host: alexatracker.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29 (...) FQDN: alexatracker.com IP: 104.21.85.99 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.85.99 HTTP/2 301 Moved Permanently date: Wed, 30 Nov 2022 04:28:13 GMT content-length: 0 location: https://www2.dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1=clear_main&prid=1inbv1613psk6&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&tbsession=6885506135403977693&c=811598670 set-cookie: trbarid=6885506135403977693;expires=Fri, 29 Nov 2024 04:28:13 GMT;secure;HttpOnly;SameSite=None;path=/ report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zne2RXuhENoFlRZFh0%2BQJJIaS4OoGHX962rg0aWeC3%2BEOhnFw%2FpL%2BAUtgVSqoLDpicnFFyGZJLGNZFdh70B3azO%2F8rCkuPpIbX5C%2BvouV3qOAEYzIiEH63GWR5otujx2IyVG"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7720d5c81df2b4e8-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: ca2ea28e8aa98581b4bb4d3cbf0129eb04bf318e4b694e03e69358c2636c6f31 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:13 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 211cba84ea56aec93ab90522f317e4c7 Sha1: 8f66789c99e752a6880eef9013ae8c68d5ebf240 Sha256: ca2ea28e8aa98581b4bb4d3cbf0129eb04bf318e4b694e03e69358c2636c6f31
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: uD1+XoIMeEuWfO77RL0GvQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.89.217.163 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.89.217.163 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: +keVPztaVrUBB67dmOQPscEWkpc= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: b264f3e63f403d010f1661ae0498d1ec3212d45142085054a43d1d5ef7779f0e 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B264F3E63F403D010F1661AE0498D1EC3212D45142085054A43D1D5EF7779F0E" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7661 Expires: Wed, 30 Nov 2022 06:35:55 GMT Date: Wed, 30 Nov 2022 04:28:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 32dcaddc3949464535cee46b03cf58d9 Sha1: e3c913dd7c1f8cad36077ae722ff26d7af90fced Sha256: b264f3e63f403d010f1661ae0498d1ec3212d45142085054a43d1d5ef7779f0e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1 Host: js.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: js.sentry-cdn.com/f44bbfb9a37b4915ac9fa50036de00f6.min.js FQDN: js.sentry-cdn.com IP: 151.101.194.217 HASH: c6288bbdd02874245a8d4bab2da8a57328ac0571b9e55c80903609155647d345 151.101.194.217 HTTP/2 200 OK content-type: text/javascript access-control-allow-origin: * cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 1; mode=block x-envoy-attempt-count: 1 x-envoy-upstream-service-time: 12 content-encoding: gzip accept-ranges: bytes date: Wed, 30 Nov 2022 04:28:14 GMT age: 106 x-served-by: getsentry-web-default-common-production-6745b975fc-nh6lj, cache-bma1639-BMA vary: Accept-Encoding timing-allow-origin: https://sentry.io strict-transport-security: max-age=31536000; includeSubDomains content-length: 1020 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (512) Size: 1020 Md5: deb34d7f2c87353155b469a5fe36ce3c Sha1: c008bc34f360a1bf8deb464e3a289dde267cd659 Sha256: c6288bbdd02874245a8d4bab2da8a57328ac0571b9e55c80903609155647d345
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10084 Expires: Wed, 30 Nov 2022 07:16:18 GMT Date: Wed, 30 Nov 2022 04:28:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10084 Expires: Wed, 30 Nov 2022 07:16:18 GMT Date: Wed, 30 Nov 2022 04:28:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10084 Expires: Wed, 30 Nov 2022 07:16:18 GMT Date: Wed, 30 Nov 2022 04:28:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js FQDN: ajax.googleapis.com IP: 142.250.74.42 HASH: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f 142.250.74.42 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31021 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 29 Nov 2022 21:57:45 GMT expires: Wed, 29 Nov 2023 21:57:45 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Fri, 08 May 2020 07:05:03 GMT age: 23429 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 31021 Md5: 903bc7a7e510f87aa5d0201eb59a0832 Sha1: ac9aa4dd94cde1bcba9037e94087138b127e41fc Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 2134d216a51ec415ecf5291b2e8b77f35fb2384f81ee6beb960724379ed8b64d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 132 Cache-Control: max-age=119805 Date: Wed, 30 Nov 2022 04:28:14 GMT Etag: "63860c57-116" Expires: Thu, 01 Dec 2022 13:44:59 GMT Last-Modified: Tue, 29 Nov 2022 13:42:47 GMT Server: ECS (amb/6BA2) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 02877c8019408a72ab0e61e687def77b Sha1: bb0b54de955f69994761b3130591887d033f4eef Sha256: 2134d216a51ec415ecf5291b2e8b77f35fb2384f81ee6beb960724379ed8b64d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12853 x-amzn-requestid: 25e4402d-98d0-4c38-a927-397c37724bea x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYhdpHAuIAMFweQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867c57-506672a36959d9ea09ef5155;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:39 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: gHL2sFE-o1u5kEIUiabbP6u5CXr3ihI4mKiAVkfReyuJuTF5k5ktSg== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:48 GMT age: 24206 etag: "151b60134a66305bd72dbb3810f67a57720b2af1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12853 Md5: e08af5b1d18986e112913c6e69cc8ce6 Sha1: 151b60134a66305bd72dbb3810f67a57720b2af1 Sha256: 555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ced71a5-36d7-45c9-b67b-df6c12c1a127.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 155552a78d298bb7f16b41375faf63037de17d1caee1a836bbd512c2e4e5d1fa 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6695 x-amzn-requestid: 870d0eb1-8aa0-40d0-a04c-5e2666b68720 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYhXTFWBIAMFfvQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867c2e-2f45c71127e5bebd660e6023;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:39:58 GMT x-amz-cf-pop: SEA19-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: aLGMz9pYDAK4vBIvhsnNa0T9F_r7kn6BFg9q5dT5Qv7PBG9jHgwGXA== via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:44 GMT age: 24210 etag: "0c3e4019730bae709f01d0fcbc6b4b0f20388c0f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6695 Md5: 7a8c2292c953e41a108b1ca1f83b5134 Sha1: 0c3e4019730bae709f01d0fcbc6b4b0f20388c0f Sha256: 155552a78d298bb7f16b41375faf63037de17d1caee1a836bbd512c2e4e5d1fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11466 x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYgDaHUxIAMFxWA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: s1eFJ0mtTFv3DFwwZ52JWOCDJWFA9IRiJ54L0JSkxzxFLnFIgts2CA== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:35 GMT etag: "49a82390cbf2139bf681d896f9467ab736e0b337" age: 24219 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11466 Md5: 0c14828912decf19c9d95fee93e92f00 Sha1: 49a82390cbf2139bf681d896f9467ab736e0b337 Sha256: bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9674 x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYgEoHVAoAMFvAQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:46 GMT etag: "53650399f9a986ba54addd668b4557109d12003b" age: 24208 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9674 Md5: 5508d05a290b663fd89ead9b58f2efd8 Sha1: 53650399f9a986ba54addd668b4557109d12003b Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 13195 x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYhGvHW6oAMFxgw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:49 GMT age: 24205 etag: "6004b4b7afd22dded903f026d245bc90a6706767" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13195 Md5: 9fb14804c284e300f976848e30396e9c Sha1: 6004b4b7afd22dded903f026d245bc90a6706767 Sha256: 1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8337 x-amzn-requestid: 88e6ec5a-6b04-4787-91e4-02f316d0d6e2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYhgYHViIAMFZrA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867c68-10f0d81a09c0ae930f6be726;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 8XATm-S2y3wzXWzJxgof2GIbXx_7WzuEMKrhI5By_tGaB8EiYeGkLg== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:59:07 GMT age: 23347 etag: "71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8337 Md5: 2cb669522a324cd5d9ba1b1743138d38 Sha1: 71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0 Sha256: a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
GET /css?family=Oswald:700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Oswald:700 FQDN: fonts.googleapis.com IP: 142.250.74.106 HASH: 24389dbd6d3a7f1104a82ea55b0e2df639dd71222fbc062fe041f4f32fcfce43 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 04:28:14 GMT date: Wed, 30 Nov 2022 04:28:14 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 968 Md5: b160ab43fb15cae51d31d21068c99901 Sha1: 1fe3a80f4c586e3083b202282bcc47d5196e171f Sha256: 24389dbd6d3a7f1104a82ea55b0e2df639dd71222fbc062fe041f4f32fcfce43
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 2134d216a51ec415ecf5291b2e8b77f35fb2384f81ee6beb960724379ed8b64d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 132 Cache-Control: max-age=119805 Date: Wed, 30 Nov 2022 04:28:14 GMT Etag: "63860c57-116" Expires: Thu, 01 Dec 2022 13:44:59 GMT Last-Modified: Tue, 29 Nov 2022 13:42:47 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 02877c8019408a72ab0e61e687def77b Sha1: bb0b54de955f69994761b3130591887d033f4eef Sha256: 2134d216a51ec415ecf5291b2e8b77f35fb2384f81ee6beb960724379ed8b64d
GET /cdn/push.min.js HTTP/1.1 Host: cdnjam.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdnjam.com/cdn/push.min.js FQDN: cdnjam.com IP: 188.114.96.1 HASH: 7ecccb4b333f683cafc0f43b23c94d10c945a68edab6dc833f017229930916fc 188.114.96.1 HTTP/2 200 OK content-type: application/x-javascript date: Wed, 30 Nov 2022 04:28:14 GMT content-security-policy: block-all-mixed-content etag: W/"44c9e373bc246e347c8420a2eb8f54d4" last-modified: Mon, 06 Jun 2022 20:30:35 GMT strict-transport-security: max-age=15724800; includeSubDomains vary: Origin, Accept-Encoding x-amz-request-id: 16F62D8C82243EE0 x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: max-age=14400 cf-cache-status: HIT age: 7008 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8Myid%2BSR7t0bzb0gXhbLEzKVK0MJCbqFnyyOaoWX0hi%2B8EUUGhJHvstgOfl9V3Yl%2BUK9%2FFt%2Bs5eUJNf0v%2FGurbZnYVkcmyOfpCgdl239%2BfHA7OMy3JJxjXYv8e0"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7720d5d0da91b511-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (36273) Size: 31228 Md5: 7820521d43ec5f486d25eaca7cd7cd5b Sha1: ffac9488ea955ac98f3d48bb59711a38c4bec7d0 Sha256: 7ecccb4b333f683cafc0f43b23c94d10c945a68edab6dc833f017229930916fc
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 49eee25f3ccd585a29e34e80cf5bb160 Sha1: 73eca8be91deedd049304862759a3d8084c0b07e Sha256: 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 608e4d04a251ebcd51660e801f388303 Sha1: fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8 (...) FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 10172 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 28 Nov 2022 21:19:18 GMT expires: Tue, 28 Nov 2023 21:19:18 GMT cache-control: public, max-age=31536000 age: 112136 last-modified: Mon, 18 Jul 2022 19:23:34 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data Size: 10172 Md5: 58e5c92fd1a1fc89b8ca6d74ce4793b8 Sha1: 337771c465778aeed6de18195e0cbe9d9098d299 Sha256: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 608e4d04a251ebcd51660e801f388303 Sha1: fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://her-cupid.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm45 (...) FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30928 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 25 Nov 2022 06:30:11 GMT expires: Sat, 25 Nov 2023 06:30:11 GMT cache-control: public, max-age=31536000 age: 424684 last-modified: Mon, 11 Jul 2022 18:57:39 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Size: 30928 Md5: ac0d2859ea5f8fd6bcb3c305c08ec184 Sha1: 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "91A992B7BA3F10613BFB0278120B9962ECB424DB2418C929AC29A9D8D81D4D5F" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10429 Expires: Wed, 30 Nov 2022 07:22:04 GMT Date: Wed, 30 Nov 2022 04:28:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: adaddb1757d7b98e890bec01e610e90c Sha1: 9c6938bcd69b8fa8678719ba815b358399ce2a6b Sha256: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:15 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 608e4d04a251ebcd51660e801f388303 Sha1: fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.22.0 HTTP/1.1 Host: o65532.ingest.sentry.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://her-cupid.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://her-cupid.com Content-Length: 426 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: o65532.ingest.sentry.io/api/6161109/envelope/?sentry_ke (...) FQDN: o65532.ingest.sentry.io IP: 34.120.195.249 HASH: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a 34.120.195.249 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 30 Nov 2022 04:28:15 GMT content-length: 2 access-control-allow-origin: https://her-cupid.com access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error vary: Origin x-envoy-upstream-service-time: 0 strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 2 Md5: 99914b932bd37a50b983c5e7c90ae93b Sha1: bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "91A992B7BA3F10613BFB0278120B9962ECB424DB2418C929AC29A9D8D81D4D5F" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10429 Expires: Wed, 30 Nov 2022 07:22:04 GMT Date: Wed, 30 Nov 2022 04:28:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: adaddb1757d7b98e890bec01e610e90c Sha1: 9c6938bcd69b8fa8678719ba815b358399ce2a6b Sha256: 91a992b7ba3f10613bfb0278120b9962ecb424db2418c929ac29a9d8d81d4d5f
OPTIONS /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.64.138.29 HTTP/2 204 No Content date: Wed, 30 Nov 2022 04:28:15 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: content-type strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsN8CZHyZGM9zPI8KoxRcYyw2htYicPmD%2BVKWdEUQtWOT1Ti0T1uQttrFT6bPWCoZOKyqYMOk7%2BzwtMp6VoO1q0r8ygIIQ609dYhSFT5PMGc%2FRZg6HaZeN6DHwlz%2Fz5gDYuP"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7720d5d1dcff73f3-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/AwAA/images/en/pics-for-bg/pic-1.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-1.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: f35ed3356d652ea6a4a3a437d7b4d00cdfa5a766a2cc34ea994f4c814e754a6c 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 29802 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-746a" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29802 Md5: 89bed1df07d0561082775600a7b4dffc Sha1: c1456d2202279838618660a9405f480af3042b7d Sha256: f35ed3356d652ea6a4a3a437d7b4d00cdfa5a766a2cc34ea994f4c814e754a6c Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-2.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-2.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 63008d1cf81485851d5d2136644923f9a778fcf2a4e874e5ea718fc426a02fbc 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 29526 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7356" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29526 Md5: 7a14d6654f06cf115f1bfa361b6133f4 Sha1: be7c7984440b7fca15a2dba45e9727f83c7ed5a7 Sha256: 63008d1cf81485851d5d2136644923f9a778fcf2a4e874e5ea718fc426a02fbc Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-3.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-3.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 6bdae8b55844e8ca25ad6422da39ac01f362f3ffb3bb9c8b020cfaf0b146169e 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 31946 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7cca" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 31946 Md5: 0a776348771c52ebdedbae6aec1a21bb Sha1: 6b2d5183853987c743ae74bbb8d1977e91e58542 Sha256: 6bdae8b55844e8ca25ad6422da39ac01f362f3ffb3bb9c8b020cfaf0b146169e Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-4.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-4.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: dc893e9b7abe8a4ab2cfeb8924f833fcb43a16f560e1793e8fdb906e9a6aefbb 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 31114 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-798a" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 31114 Md5: 8ff3901573b3b7571c19f57460bd64ab Sha1: ab0478e05e29ceca93cce58fcc9e628287899fe9 Sha256: dc893e9b7abe8a4ab2cfeb8924f833fcb43a16f560e1793e8fdb906e9a6aefbb Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-5.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-5.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 47aedcc05f343844b3db56c484fb5c2821d3fa4985a405ac86febe1604f6d1e5 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 29010 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7152" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 29010 Md5: d0be4db567029a82f6b2abb8a598047f Sha1: 54fc8433892867b4f1b04010fda6432bfc8dc672 Sha256: 47aedcc05f343844b3db56c484fb5c2821d3fa4985a405ac86febe1604f6d1e5 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-6.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-6.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: d9d36905a77e8ff1e9893c618aaa63770c83217ea01cf2744a0279d02ff0d568 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 27214 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-6a4e" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 27214 Md5: 212ab1ac3dd4c0571230527cd14608b5 Sha1: 5d095508ce1777610120bf7dff74eecab451c9d9 Sha256: d9d36905a77e8ff1e9893c618aaa63770c83217ea01cf2744a0279d02ff0d568 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/3-1.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/3-1.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 480 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-1e0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 480 Md5: 37ad09484eb1a7e103c1bba69ec3408d Sha1: 950c14767d959c154d2ba2ceaa7867b8809731e5 Sha256: 1a34fa1f236912eddc8817954583103dfb3ee754301a3745010fa09903c2f2a2
GET /static/AwAA/3-2.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2V9 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/3-2.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 535 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-217" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 535 Md5: 7621845db78d7540608060c63a721252 Sha1: b24bca5f9e3ca0daf6f0f4822d66febc5c65d169 Sha256: 5368506adbbdfa70cffa4f9cf91127edd324af89c40e14cc273fe7e0d322adf1
GET /static/AwAA/images/en/pics-for-bg/pic-7.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-7.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 43fc687f4ff9435f336a4c020dd653830c82c07a827b0cc78faae5be2076080d 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 20464 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-4ff0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 20464 Md5: 531177239b443129aa3c4a7df46587a0 Sha1: d10b5d62feac76a5023a60b1e858c152985ac781 Sha256: 43fc687f4ff9435f336a4c020dd653830c82c07a827b0cc78faae5be2076080d Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-8.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-8.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: fd71ee9e633f59c1218eb20e865121e1d0c51d31dfbe04d210ff54c2a5528ce3 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 32216 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-7dd8" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 32216 Md5: ed47b38a109df684d6f47d847baba3ce Sha1: 42804d2a2f18ea6899033cb513ae25e2412be1da Sha256: fd71ee9e633f59c1218eb20e865121e1d0c51d31dfbe04d210ff54c2a5528ce3 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-9.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-9.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 411c4615e4d3d050066ef0ae6ef6e69e7702bc02c0c4e267b26076a47ffd14b2 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 49118 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-bfde" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 49118 Md5: 3d3e96d7abdf026fe492e7937f2a59cc Sha1: 890ba98493246b4ced8317ffb371e95596e630ce Sha256: 411c4615e4d3d050066ef0ae6ef6e69e7702bc02c0c4e267b26076a47ffd14b2 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/pic-10.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/pic-10.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 70894006834d4a2a1dcb6029cd29e86f14b9a7e03e8017304669ebd3d3bfec62 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 21094 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-5266" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 21094 Md5: b914513208055760188667de39db6716 Sha1: 04ae5f3be7a1c7bea6dd09cce098ee9edef554cb Sha256: 70894006834d4a2a1dcb6029cd29e86f14b9a7e03e8017304669ebd3d3bfec62 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-4.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-4.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: a78e89556b22804599224527cfe8273a6edbe84d3458e9fb582079addf86011b 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 1637252 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-18fb84" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1637252 Md5: 10d4826a92e3fc1e4dbbf0be274bc061 Sha1: 9f4c667c8d1000c30789dc1f9b837803096b5b4f Sha256: a78e89556b22804599224527cfe8273a6edbe84d3458e9fb582079addf86011b Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-1.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-1.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 085be44516153804017cb6d998e5b39372a7caa480593c80f97c2c24dfab3de8 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 1270992 last-modified: Mon, 03 Aug 2020 11:47:45 GMT etag: "5f27f961-1364d0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1270992 Md5: 6e76e71ebf7277bce1079af604723e23 Sha1: c8fcbea450f77451ce8a6709c54c979e70507ca1 Sha256: 085be44516153804017cb6d998e5b39372a7caa480593c80f97c2c24dfab3de8 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-2.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-2.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: f8e38aed3d19c1771bafe0bab8e336732fcf527dae61034e4c25c66251a170ea 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 2464052 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-259934" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 2464052 Md5: 5ea931f6f8f26a124460551efe002ac4 Sha1: 36e800547ef0feaa5d7a7ac69e5a24b66c81f907 Sha256: f8e38aed3d19c1771bafe0bab8e336732fcf527dae61034e4c25c66251a170ea Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-3.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-3.webp FQDN: her-cupid.com IP: 54.39.22.228 HASH: 12a310bfa2100acb12ae355b75594e42bed1e75d693778c26f1842ba5a26da04 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 1640424 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-1907e8" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1640424 Md5: c2c8cf2a99d71b95804d661f795b5ce9 Sha1: 5ca43250f3c7bc1a67295381f430df71bffa3a6f Sha256: 12a310bfa2100acb12ae355b75594e42bed1e75d693778c26f1842ba5a26da04 Alerts: Blocklists: - fortinet: Phishing
GET /static/AwAA/images/en/pics-for-bg/gif-center-bottom-ql.webp HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/images/en/pics-for-bg/gif-cen (...) FQDN: her-cupid.com IP: 54.39.22.228 HASH: d977d9f29ccba9faae1ffea2dd6b1fa30a8194abe92cec1a4c2fee8dbca18e13 54.39.22.228 HTTP/2 200 OK content-type: image/webp server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT content-length: 1031120 last-modified: Mon, 03 Aug 2020 11:47:48 GMT etag: "5f27f964-fbbd0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image\012- data Size: 1031120 Md5: ed3e40b68948820502bbf1716eae56b2 Sha1: 50ae8497f4d8bea52c4cb2c0177bc5be25c8b263 Sha256: d977d9f29ccba9faae1ffea2dd6b1fa30a8194abe92cec1a4c2fee8dbca18e13 Alerts: Blocklists: - fortinet: Phishing
GET /AwAA/10040/oth?i=P5F1b2OG294&u=6885506135403977693 HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: her-cupid.com/AwAA/10040/oth?i=P5F1b2OG294&u=6885506135 (...) FQDN: her-cupid.com IP: 54.39.22.228 HASH: d5db80f6794a32124fcb889da2c3f35f815ed4c15b267c53f833601cf4032696 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:14 GMT access-control-allow-origin: * x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 11027 Md5: d278dc97a7d99e35283b67984524f6da Sha1: b5668dc33f318004c547a8efdd86f41a0cd0c08e Sha256: d5db80f6794a32124fcb889da2c3f35f815ed4c15b267c53f833601cf4032696
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: cd528f6c2c45e38c52095a73a9cd8c68 Sha1: dca2df874a830edac932136d474453c18d933024 Sha256: 4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 310 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 HASH: 2f24612c82ee38ff338f69e4b8ca32c3f0084d5bcacd580223bb0f8fa5e6cefb 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:15 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 357 Md5: 3b95a569e1d2a2c5688b8605da46c25e Sha1: 8de7c19e20f18fb5eb41adc6674cfef8b23975d0 Sha256: 2f24612c82ee38ff338f69e4b8ca32c3f0084d5bcacd580223bb0f8fa5e6cefb Alerts: Blocklists: - fortinet: Phishing
GET /v14.0/plugins/like.php HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.facebook.com/v14.0/plugins/like.php FQDN: www.facebook.com IP: 31.13.72.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 31.13.72.36 HTTP/2 200 OK content-type: text/html;charset=utf-8 pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} cross-origin-opener-policy: same-origin-allow-popups x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: MXG9hJjHbJjQpa20IYrRYFE8ZghQpBNhVoY5Udt0kpa6FXckCyF94hrpjPCCpz3AYqSzwd5w84Lo1s//h8MJnQ== content-length: 0 date: Wed, 30 Nov 2022 04:28:16 GMT priority: u=3,i alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/AwAA/favicon-150x150.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/favicon-150x150.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 97a873b3ce2ab69cc38287181a190dcd90c09869c0901b5d75e8461f628bef78 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT content-length: 7017 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-1b69" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Size: 7017 Md5: f19d6f44b496c9dedce8b96bd0f5f829 Sha1: c887ac358a0c8d6979f8b67013954aa8cf4ab1c8 Sha256: 97a873b3ce2ab69cc38287181a190dcd90c09869c0901b5d75e8461f628bef78
GET /static/AwAA/favicon-16x16.png HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/static/AwAA/favicon-16x16.png FQDN: her-cupid.com IP: 54.39.22.228 HASH: 2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97 54.39.22.228 HTTP/2 200 OK content-type: image/png server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT content-length: 1264 last-modified: Mon, 03 Aug 2020 11:47:36 GMT etag: "5f27f958-4f0" access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 1264 Md5: fa61744c0140328a533d26bc93753134 Sha1: ea2b1d32e78280d8207a32aa6214263db134123e Sha256: 2ebf77471663a6227bec80455f199510dcd53f1286a066f2199e7d04de8bac97
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 434 Cache-Control: max-age=104964 Date: Wed, 30 Nov 2022 04:28:16 GMT Etag: "6385d132-1d7" Expires: Thu, 01 Dec 2022 09:37:40 GMT Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: c3c6fcc1a6ec6e438b371359a220d437 Sha1: 646d2c502eb3579d0c394dbdd16ef10f60f43063 Sha256: 5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: abd55ecd24d357a9f02612558f723a90 Sha1: 6a1e6963864f0b53ddc6205d35225e6cf0bcbeec Sha256: 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: d786acd565665c5d7c3c43e1ec737a20f8ed2a2467bff7758cc9cbb199e602d5 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: a67f152254e0a2cfaf6ba5e5e51d9ae4 Sha1: 6ddc5ee596d0469d4d5f0bbcd1918677019337b4 Sha256: d786acd565665c5d7c3c43e1ec737a20f8ed2a2467bff7758cc9cbb199e602d5
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: accounts.google.com/ServiceLogin?continue=https://lh3.g (...) FQDN: accounts.google.com IP: 142.250.74.109 HASH: ce5fce8ca24bacb531d17a7972f322adbd8f8ad2fb2928437a6f184f0d96a6b3 142.250.74.109 HTTP/2 302 Found content-type: text/html; charset=UTF-8 x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Wed, 30 Nov 2022 04:28:16 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S-553091906%3A1669782496203763&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAuFSRzWYFjsqvnoTeqIaIeodWRzttui__TdgBSTd5_wShkbiAzWfv-wEZ2z3mK1v0qvRX2q strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: script-src 'nonce-jSXS7Wn9Vr752W_8Uqsd9w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 405 server: GSE set-cookie: __Host-GAPS=1:Hy3Bcr_LzdbBxtaibwKpPxWes1lVIQ:mGJrt9vFN1GfDkVZ;Path=/;Expires=Fri, 29-Nov-2024 04:28:16 GMT;Secure;HttpOnly;Priority=HIGH alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384) Size: 405 Md5: 700050577d6ac338206f885dd2ed458b Sha1: a977b4c3aa7d7a26a257ac4a73e02965acbb7aa3 Sha256: ce5fce8ca24bacb531d17a7972f322adbd8f8ad2fb2928437a6f184f0d96a6b3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: ee3d85563851f3d3032c6c0d4eb76e3d7f987e9f239ccba84ad9105e2ed2fc4a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 402 Cache-Control: 'max-age=158059' Date: Wed, 30 Nov 2022 04:28:16 GMT Last-Modified: Wed, 30 Nov 2022 04:21:34 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 313 --- Additional Info --- Magic: data Size: 313 Md5: b3c67996d24e677f32e223785b85f1de Sha1: f830088a52e62dc7cbb331e0bc0088bc7157fcf0 Sha256: ee3d85563851f3d3032c6c0d4eb76e3d7f987e9f239ccba84ad9105e2ed2fc4a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 7be6066aa3576b349ecb2d672c143065739f8e6101b4fbeea64fac2ece68c73d 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7BE6066AA3576B349ECB2D672C143065739F8E6101B4FBEEA64FAC2ECE68C73D" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10420 Expires: Wed, 30 Nov 2022 07:21:56 GMT Date: Wed, 30 Nov 2022 04:28:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f26a8330c6c44426f6acf21c005b3f57 Sha1: 86cb19a53321546f23f0c38b511a764402c69083 Sha256: 7be6066aa3576b349ecb2d672c143065739f8e6101b4fbeea64fac2ece68c73d
GET /v3/signin/identifier?dsh=S-553091906%3A1669782496203763&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAuFSRzWYFjsqvnoTeqIaIeodWRzttui__TdgBSTd5_wShkbiAzWfv-wEZ2z3mK1v0qvRX2q HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: accounts.google.com/v3/signin/identifier?dsh=S-55309190 (...) FQDN: accounts.google.com IP: 142.250.74.109 HASH: bc8fdcd1480bcf2de84bdf6d3b4ba02b0232dd9128f70392af102ff6a5d975bc 142.250.74.109 HTTP/2 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Wed, 30 Nov 2022 04:28:16 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]} content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-UVE2_AqXs5r7UF7q5cbzRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi" permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 971 Md5: f0222fa75efefbc6d227916e135edde9 Sha1: 7dd4420875e466c13fc46e967ff01f1acc4d6e9a Sha256: bc8fdcd1480bcf2de84bdf6d3b4ba02b0232dd9128f70392af102ff6a5d975bc
GET /user/security/1111 HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/user/security/1111 FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 66.254.114.33 HTTP/1.1 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Wed, 30 Nov 2022 04:28:16 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Thu, 01-Dec-2022 04:28:16 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Wed, 07-Dec-2022 04:28:16 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly bs=ogfpd2rff9z7dbhmsscy4wcnobt0kgv3; expires=Sat, 27-Nov-2032 04:28:16 GMT; Max-Age=315360000; path=/; domain=pornhubpremium.com; secure; HttpOnly; SameSite=None ss=117391306712697110; expires=Thu, 30-Nov-2023 04:28:16 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1026 location: https://www.pornhubpremium.com/premium/login?redirect=f9UcuDBziQ6NJXNYWPKF9qc-YJYxx-o_Xk4YpTC5Or1egNDTaXp_Xg5Z0lxcbOu7 x-frame-options: SAMEORIGIN vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6386DBE0-42FE722101BB6485-3D63DC2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /premium/login?redirect=f9UcuDBziQ6NJXNYWPKF9qc-YJYxx-o_Xk4YpTC5Or1egNDTaXp_Xg5Z0lxcbOu7 HTTP/1.1 Host: www.pornhubpremium.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=ogfpd2rff9z7dbhmsscy4wcnobt0kgv3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.pornhubpremium.com/premium/login?redirect=f9UcuDBzi (...) FQDN: www.pornhubpremium.com IP: 66.254.114.33 HASH: 6ed60845aa8e0a96e6ccef88278b75e16ec83b88d2904c408a999eb95499a480 66.254.114.33 HTTP/1.1 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Wed, 30 Nov 2022 04:28:16 GMT transfer-encoding: chunked set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Thu, 01-Dec-2022 04:28:16 GMT; Max-Age=86400; path=/; domain=pornhubpremium.com; secure; HttpOnly platform=pc; expires=Wed, 07-Dec-2022 04:28:16 GMT; Max-Age=604800; path=/; domain=pornhubpremium.com; secure; HttpOnly ss=583987794562461368; expires=Thu, 30-Nov-2023 04:28:16 GMT; Max-Age=31536000; path=/; domain=pornhubpremium.com; secure; HttpOnly fg_0d2ec4cbd943df07ec161982a603817e=40288.100000; expires=Fri, 30-Dec-2022 04:28:16 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure ats=eyJhIjoyNiwibiI6MywicyI6MiwiZSI6ODAwMCwicCI6NSwiY24iOiJOb3RfTWVtYmVyX0xvZ2luX0MwMDBfNDJfMV80MTEifQ%3D%3D; expires=Fri, 30-Dec-2022 04:28:16 GMT; Max-Age=2592000; path=/; domain=pornhubpremium.com; secure; HttpOnly x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6386DBE0-42FE722101BB6485-3D63DFF --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2404) Size: 7798 Md5: 4ea6e4063e81ed071b454dde3bb6c485 Sha1: 6c18ecf763df67a07f4c5325e1848fb579be4911 Sha256: 6ed60845aa8e0a96e6ccef88278b75e16ec83b88d2904c408a999eb95499a480
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: aac788858896764aa56cb38eb0e14d61674885f70ae5d217f548a52e6e5c1a43 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 04:28:16 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 19:48:07 GMT Expires: Tue, 06 Dec 2022 19:48:06 GMT Etag: "e059008669e4d6be11426abb9ad005c743900e80" Cache-Control: max-age=572989,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7720d5da6a0ab515-OSL --- Additional Info --- Magic: data Size: 471 Md5: 219f8629d07ce15c2074cf6cccfc7d76 Sha1: e059008669e4d6be11426abb9ad005c743900e80 Sha256: aac788858896764aa56cb38eb0e14d61674885f70ae5d217f548a52e6e5c1a43
GET /favorite/90902157/mk_1123 HTTP/1.1 Host: www.xvideos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.xvideos.com/favorite/90902157/mk_1123 FQDN: www.xvideos.com IP: 185.88.181.10 HASH: 52971bc1d14dc31dc8b57a7b253459ea4c97513ef908aebf168fda7df2b7148e 185.88.181.10 HTTP/1.1 404 Not Found Content-Type: text/html; charset=utf-8 Date: Wed, 30 Nov 2022 04:28:16 GMT P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie X-Frame-Options: SAMEORIGIN Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com z8y8f3q6.ssl.hwcdn.net https://www.xvideos.com https://wg-xvdev.xvideos.com .trafficfactory.biz fonts.googleapis.com fonts.gstatic.com ajax.googleapis.com www.google-analytics.com www.googletagmanager.com .addthis.com .addthisedge.com www.iwanttodeliver.com apis.google.com www.google.com www.gstatic.com accounts.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ .hwcdn.net fcm.googleapis.com .nk-img.com https://static-dev-xvlive.xvideos.com https://dev-api.naked.com http://dev-api.naked.com .googleapis.com .cdn77.org .pingdom.net .exoclick.com .exosrv.com .realsrv.com .orbsrv.com .exdynsrv.com .ackcdn.net .afcdn.net .aucdn.net .adtng.com .adglare.net adinvent.engine.adglare.net .bngpt.com bngpt.com .trafficjunky.net .ohmybutt.com .flirt4free.com .xlovecam.com .wlresources.com .medleyads.com .cams.com .acdn5165543.com .protoawe.com .google-analytics.com livejasmin.com .livejasmin.com .jsmcrptjmp.com .awemwh.com .promo-bc.com .bongacams.com .bongacash.com .gammae.com .servingmillions.com .super-route.com cdn01.flashmediaportal.com engine.asf4f.us .htdvt.com .jerkmate.com .vfgtb.com .hytxg2.com .awemdia.com .cfgr3.com .ajxx98.online .sf4f.us .adworldmedia.com as.air2s.com bngpst.com cretgate.com mysexchatroom.com trknex.com medleyads.com ajxx98.online gamesfromheaven.com go.hpyjmp.com r.trwl2.com bongacams.com clickserve.dartsearch.net afrtrk.com track.cam4tracking.com .smljmp.com sffsdvc.com www.sffsdvc.com bmedia.justservingfiles.net blkditsup.com vast.bimbim.com promo.cameraprive.com bngprl.com .bngprl.com trafforsrv.com serving.stat-rock.com zubivu.com .xxxjmp.com .feelpornx.com .crjugate.com .hqscene.com .xlviirdr.com adulttime.xxx .adulttime.xxx .javhd.com .doppiocdn.com .videosworks.com xlivrdr.com .xlivrdr.com .servetraff.com .adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com cdn.asf4f.us .livejasmin.com .jsmcrptjmp.com .awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com wss://dev-chatserver.camster.com wss://staging-chatserver.camster.com wss://m.1ka.com wss://c1.1ka.com wss://c11.1ka.com wss://c12.1ka.com wss://c13.1ka.com wss://c14.1ka.com wss://c15.1ka.com wss://c16.1ka.com wss://c17.1ka.com wss://c18.1ka.com wss://c19.1ka.com wss://c110.1ka.com wss://c111.1ka.com wss://c112.1ka.com wss://c113.1ka.com wss://c114.1ka.com wss://c115.1ka.com wss://c2.1ka.com wss://c21.1ka.com wss://c22.1ka.com wss://c23.1ka.com wss://c24.1ka.com wss://c25.1ka.com wss://c26.1ka.com wss://c27.1ka.com wss://c28.1ka.com wss://c29.1ka.com wss://c210.1ka.com wss://c211.1ka.com wss://c212.1ka.com wss://c213.1ka.com wss://c214.1ka.com wss://c215.1ka.com wss://c3.1ka.com wss://c31.1ka.com wss://c32.1ka.com wss://c33.1ka.com wss://c34.1ka.com wss://c35.1ka.com wss://c36.1ka.com wss://c37.1ka.com wss://c38.1ka.com wss://c39.1ka.com wss://c4.1ka.com wss://c41.1ka.com wss://c42.1ka.com wss://c43.1ka.com wss://c44.1ka.com wss://c45.1ka.com wss://c46.1ka.com wss://c47.1ka.com wss://c48.1ka.com wss://c49.1ka.com wss://c410.1ka.com wss://c411.1ka.com wss://c412.1ka.com wss://c413.1ka.com wss://c414.1ka.com wss://c415.1ka.com wss://c5.1ka.com wss://c51.1ka.com wss://c52.1ka.com wss://c53.1ka.com wss://c54.1ka.com wss://c55.1ka.com wss://c56.1ka.com wss://c57.1ka.com wss://c58.1ka.com wss://c59.1ka.com wss://c510.1ka.com wss://c511.1ka.com wss://c512.1ka.com wss://c513.1ka.com wss://c514.1ka.com wss://c515.1ka.com https://dev-chatserver.camster.com https://staging-chatserver.camster.com https://m.1ka.com https://c1.1ka.com https://c11.1ka.com https://c12.1ka.com https://c13.1ka.com https://c14.1ka.com https://c15.1ka.com https://c16.1ka.com https://c17.1ka.com https://c18.1ka.com https://c19.1ka.com https://c110.1ka.com https://c111.1ka.com https://c112.1ka.com https://c113.1ka.com https://c114.1ka.com https://c115.1ka.com https://c2.1ka.com https://c21.1ka.com https://c22.1ka.com https://c23.1ka.com https://c24.1ka.com https://c25.1ka.com https://c26.1ka.com https://c27.1ka.com https://c28.1ka.com https://c29.1ka.com https://c210.1ka.com https://c211.1ka.com https://c212.1ka.com https://c213.1ka.com https://c214.1ka.com https://c215.1ka.com https://c3.1ka.com https://c31.1ka.com https://c32.1ka.com https://c33.1ka.com https://c34.1ka.com https://c35.1ka.com https://c36.1ka.com https://c37.1ka.com https://c38.1ka.com https://c39.1ka.com https://c4.1ka.com https://c41.1ka.com https://c42.1ka.com https://c43.1ka.com https://c44.1ka.com https://c45.1ka.com https://c46.1ka.com https://c47.1ka.com https://c48.1ka.com https://c49.1ka.com https://c410.1ka.com https://c411.1ka.com https://c412.1ka.com https://c413.1ka.com https://c414.1ka.com https://c415.1ka.com https://c5.1ka.com https://c51.1ka.com https://c52.1ka.com https://c53.1ka.com https://c54.1ka.com https://c55.1ka.com https://c56.1ka.com https://c57.1ka.com https://c58.1ka.com https://c59.1ka.com https://c510.1ka.com https://c511.1ka.com https://c512.1ka.com https://c513.1ka.com https://c514.1ka.com https://c515.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: .xvideos.com .xnxx.com .red-cdn.com .gold-cdn.com .xvideos-cdn.com .xnxx-cdn.com .others-cdn.com .hwcdn.net .trafficfactory.biz www.google.com www.google-analytics.com ssl.gstatic.com .nk-img.com .camster.com .vscdns.com .doubleclick.net .google.fr .google.com .exoclick.com .exosrv.com .realsrv.com .exdynsrv.com .ackcdn.net .afcdn.net *.aucdn.net bmedia.justservingfiles.net; Referrer-Policy: no-referrer-when-downgrade Set-Cookie: session_token=712c6f8bda7f0709aPR-sqVGDdJPcoKzUOiNoEQqNf7KGne0URaAnhZWXx8k-nCulSrAV_rOMr3BtfrzKMVze5DdG1t-YyyrSDfTValMo76omi9wuicgnoQdcpPRUcoiP92creTuqEHR664MIig5Yrk--zYCdb908YhHFifrHhJMZDRTcWmythNR4F5qZTIpnTJVGgniu9ikftKX; expires=Fri, 30-Dec-2022 04:28:16 GMT; Max-Age=2592000; path=/; domain=.xvideos.com _ga=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com _gat=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xvideos.com Transfer-Encoding: chunked Server: nginx --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8648) Size: 25869 Md5: 73703bbbbb46eaa81a50dee3e2c74ebc Sha1: 9eb0098dab8debfa57f0df7c65b6d504798c15b7 Sha256: 52971bc1d14dc31dc8b57a7b253459ea4c97513ef908aebf168fda7df2b7148e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8af12b89-c1a0-4a2a-aa29-cd6dea02f435.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 272c867dcc37d97f8682e8f3aa11a567a401b4d4d78e890b0eb94a3c77ea5000 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8288 x-amzn-requestid: 8b48ce45-1c30-4ea3-8cef-bf3b2e7f106f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYgEgFcUIAMFkSg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867a1c-20e896a62338c6dc45c1ca2a;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:08 GMT x-amz-cf-pop: SEA19-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 0bNBjOUnEjVgDrhXO2wYnfemT_030w9kk747Zk9-DTeI0UB-lV073g== via: 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 21:44:26 GMT age: 24235 etag: "268e6202466941e612ff503835de9091ef4d5b38" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8288 Md5: 2cd563ab005d968185c8d000e38b88c2 Sha1: 268e6202466941e612ff503835de9091ef4d5b38 Sha256: 272c867dcc37d97f8682e8f3aa11a567a401b4d4d78e890b0eb94a3c77ea5000
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 318 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaCI6ImZhbHNlIn0sImx1aWQiOjQ2OTcyOTg3MzI3OH0=; userid=f849d16bd0e527a0be60b3388fd9bd15b57f531d3f3b5ae7629b88d71be7ded0a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A469729873278%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /video/manage?o=mr&t=pr2 HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/video/manage?o=mr&t=pr2 FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 302 Found content-type: text/html; charset=UTF-8 server: openresty date: Wed, 30 Nov 2022 04:28:16 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Thu, 01-Dec-2022 04:28:16 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Wed, 07-Dec-2022 04:28:16 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure bs=7ijwoksnu4edsvejymz23upb7y8tovzl; expires=Sat, 27-Nov-2032 04:28:16 GMT; Max-Age=315360000; path=/; domain=pornhub.com; secure; SameSite=None ss=637571349125944923; expires=Thu, 30-Nov-2023 04:28:16 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=42398.100000; expires=Fri, 30-Dec-2022 04:28:16 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=6386DBE0-42FE722901BB6485-3D63DF8; Secure; Samesite=None __l=6386DBE0-42FE722901BB6485-3D63DF8; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache ph-redirect: 1041 location: /login vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6386DBE0-42FE722901BB6485-3D63DF8 X-Firefox-Spdy: h2 --- Additional Info ---
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 365 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoibG9hZCIsImRhdGEiOnsicmVzcG9uc2VTdGFydCI6MTgzNiwiZG9tSW50ZXJhY3RpdmUiOjIyMjcsImRvbUNvbXBsZXRlIjozNTc4fX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
POST /stats HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 319 Origin: https://her-cupid.com Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjEsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50IjoiZXh0c2VzIiwiZGF0YSI6eyJwaHAiOiJmYWxzZSJ9LCJsdWlkIjo0Njk3Mjk4NzMyNzh9; userid=f849d16bd0e527a0be60b3388fd9bd15b57f531d3f3b5ae7629b88d71be7ded0a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A469729873278%3B%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/stats FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /agEA?usid=1inbv1613psk6&email=&sub1=clear_main&prid=1inbv1613psk6&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9 HTTP/1.1 Host: www2.dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://dateexotic.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www2.dateexotic.com/agEA?usid=1inbv1613psk6&email=&sub1 (...) FQDN: www2.dateexotic.com IP: 104.21.34.109 104.21.34.109 HTTP/2 302 Found content-type: text/html; charset=UTF-8 date: Wed, 30 Nov 2022 04:28:13 GMT location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xaW5idjE2MTNwc2s2JmVtYWlsPSZzdWIxPWNsZWFyX21haW4mcHJpZD0xaW5idjE2MTNwc2s2JmJkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjk%3D&h=ff0a32b093664a3cc3f5775be352a61f access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oosTCpQs%2F2%2BhU6JYJGyUKlDQoJYPd4WQLYilW9QV1TdG6G2k1ZfcB5DMnpSTRkUQiW88m1CAID%2F1iNiMVlI3WruucaqC7pSwfxeA56S4YBeWL399hc7oZGQYikqir%2B11PA7cJ%2B6n"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7720d5c3f93fb51d-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
POST /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 174 Origin: https://her-cupid.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: app.api-push.com/get-keys FQDN: app.api-push.com IP: 172.64.138.29 172.64.138.29 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Wed, 30 Nov 2022 04:28:15 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTRqcxz95moGC0R0PLj1HlB2dBStaezVW1rRJDC97HG0MbNlpr83wixctkmeZ6CIZbGCOkwXFGuEJ2otszoWGjl0UFKMU976qmcJcbGbDEK7UNT0zkHlH7ikGtHm441zbXyG"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7720d5d28d4d73f3-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Montserrat:100,400,700,900 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Montserrat:100,400,700,900 FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 04:28:14 GMT date: Wed, 30 Nov 2022 04:28:14 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /user-id?nbl=&impression=P5F1b2OG294&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&showedPops=0&uri=https%3A%2F%2Fher-cupid.com%2FAwAA%2F10040%2Foth%3Fi%3DP5F1b2OG294%26u%3D6885506135403977693&search=%3Fi%3DP5F1b2OG294%26u%3D6885506135403977693&contactExists=false HTTP/1.1 Host: her-cupid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Cookie: slappInfo64_P5F1b2OG294=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJQNUYxYjJPRzI5NCIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwic2hvd2VkUG9wcyI6MCwidXJpIjoiaHR0cHM6Ly9oZXItY3VwaWQuY29tL0F3QUEvMTAwNDAvb3RoP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwic2VhcmNoIjoiP2k9UDVGMWIyT0cyOTQmdT02ODg1NTA2MTM1NDAzOTc3NjkzIiwiY29udGFjdEV4aXN0cyI6ZmFsc2UsImV2ZW50Ijoic3RlcC0xIiwiZGF0YSI6eyJyZWFsX3N0ZXBfbnVtYmVyIjoxfX0= Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: her-cupid.com/user-id?nbl=&impression=P5F1b2OG294&trust (...) FQDN: her-cupid.com IP: 54.39.22.228 54.39.22.228 HTTP/2 200 OK content-type: application/json; charset=UTF-8 server: nginx/1.18.0 (Ubuntu) date: Wed, 30 Nov 2022 04:28:16 GMT set-cookie: userid=f849d16bd0e527a0be60b3388fd9bd15b57f531d3f3b5ae7629b88d71be7ded0a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A469729873278%3B%7D; expires=Fri, 01-Dec-2023 00:44:56 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info ---
GET /login HTTP/1.1 Host: www.pornhub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: bs=7ijwoksnu4edsvejymz23upb7y8tovzl Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.pornhub.com/login FQDN: www.pornhub.com IP: 66.254.114.41 66.254.114.41 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: openresty date: Wed, 30 Nov 2022 04:28:16 GMT set-cookie: ua=df16c081c25306654a0efb89b8761a08; expires=Thu, 01-Dec-2022 04:28:16 GMT; Max-Age=86400; path=/; domain=pornhub.com; secure platform=pc; expires=Wed, 07-Dec-2022 04:28:16 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure ss=420445882268753077; expires=Thu, 30-Nov-2023 04:28:16 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure fg_0d2ec4cbd943df07ec161982a603817e=43563.100000; expires=Fri, 30-Dec-2022 04:28:16 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure __s=6386DBE0-42FE722901BB6485-3D63E30; Secure; Samesite=None __l=6386DBE0-42FE722901BB6485-3D63E30; Secure; Samesite=None; Max-Age=31556926 x-frame-options: SAMEORIGIN cache-control: no-cache, no-store, must-revalidate pragma: no-cache vary: User-Agent rating: RTA-5042-1996-1400-1577-RTA content-encoding: gzip strict-transport-security: max-age=63072000; includeSubDomains; preload x-request-id: 6386DBE0-42FE722901BB6485-3D63E30 X-Firefox-Spdy: h2 --- Additional Info ---

Overview

Domain Summary (26)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.34.109

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: dateexotic.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (91)

Overview

Domain Summary (26)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.34.109

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: dateexotic.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (91)

Network Intrusion Detection Systems