Overview

URLfunkydaters.com/-QIA
IP 172.67.218.62 (United States)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access lock_open
Report completed2023-03-06 16:05:50 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (19)

Fully Qualifying Domain Name Rank First Seen Last Seen Sent bytes Received bytes IP Comment
ocsp.r2m01.amazontrust.com (2) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 700 1894 143.204.48.16
firefox.settings.services.mozilla.com (2) 867 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 782 2374 35.241.9.150
browser.sentry-cdn.com (1) 4393 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 389 21360 151.101.2.217
js.sentry-cdn.com (1) 5259 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 385 1765 151.101.2.217
ocsp.r2m02.amazontrust.com (3) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1050 2922 143.204.48.16
img-getpocket.cdn.mozilla.net (6) 1631 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3246 48932 34.120.237.76
manager.production.almightypush.com (2) 731001 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 944 2157 3.134.218.58
alexatracker.com (1) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1117 1157 172.67.204.112
ero-cupid.com (6) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 4937 23457 185.151.246.147
push.services.mozilla.com (1) 2140 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 606 127 52.38.198.114
static.production.almightypush.com (3) 214819 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1198 34218 54.230.111.23
www2.funkydaters.com (1) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 873 24056 172.67.218.62
o65532.ingest.sentry.io (1) 747982 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 591 469 34.120.195.249
funkydaters.com (3) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 951 6398 104.21.83.86
contile.services.mozilla.com (1) 1114 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 333 391 34.117.237.239
ocsp.pki.goog (2) 175 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 686 1400 142.250.74.131
ajax.googleapis.com (1) 12905 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 356 32005 142.250.74.170
r3.o.lencr.org (11) 344 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3718 9752 95.101.11.115
content-signature-2.cdn.mozilla.net (1) 1152 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 413 5882 34.160.144.191

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2023-03-06 medium funkydaters.com/-QIA Phishing
2023-03-06 medium funkydaters.com/static/js/build/bd.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.218.62
Date UQ / IDS / BL URL IP
2023-04-18 08:19:41 UTC 0 - 0 - 2 funkydaters.com/nAMA?prid=w2kbr84f4lebmg3ois0 (...) 172.67.218.62
2023-03-31 19:30:50 UTC 0 - 0 - 2 funkydaters.com/nAMA?prid=wq3uel3ugrbg5bmnif7 (...) 172.67.218.62
2023-03-25 07:53:52 UTC 0 - 0 - 2 funkydaters.com/-QIA 172.67.218.62
2023-03-22 19:30:05 UTC 0 - 0 - 2 funkydaters.com/-QIA 172.67.218.62
2023-03-09 19:40:10 UTC 0 - 0 - 3 funkydaters.com/-QIA 172.67.218.62


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-05-30 15:09:06 UTC 0 - 1 - 0 webcam-effects.com/server1/nic/Free_Music_Dow (...) 104.21.23.176
2023-05-30 15:09:04 UTC 0 - 1 - 0 webcam-effects.com/server1/stub1/YoutubeDownl (...) 172.67.212.114
2023-05-30 15:08:27 UTC 0 - 2 - 0 file.xxtt.ml/notion-chrome1.4.2.zip 104.21.32.181
2023-05-30 15:07:14 UTC 0 - 0 - 1 onifinancepro.info/ 104.21.6.91
2023-05-30 15:07:07 UTC 0 - 3 - 0 lolminer.ga/download/lolMiner_v1.76_Win64.zip 172.67.180.132


Last 5 reports on domain: funkydaters.com
Date UQ / IDS / BL URL IP
2023-04-30 19:36:48 UTC 0 - 0 - 2 funkydaters.com/nAMA?prid=wml3fer8dec48rcoi2v (...) 104.21.83.86
2023-04-18 08:19:41 UTC 0 - 0 - 2 funkydaters.com/nAMA?prid=w2kbr84f4lebmg3ois0 (...) 172.67.218.62
2023-04-17 11:16:46 UTC 0 - 0 - 2 funkydaters.com/nAMA?prid=weoilc4kq0se8r2oibi (...) 104.21.83.86
2023-04-12 06:13:15 UTC 0 - 0 - 3 funkydaters.com/nAMA?prid=w8i9bvc1siknmuunina (...) 104.21.83.86
2023-04-01 11:50:50 UTC 0 - 0 - 1 funkydaters.com/nAMA?prid=wb3qb4s3l2b3urmn2t4 (...) 104.21.83.86


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-03-22 05:00:53 UTC 0 - 0 - 1 dateexotic.com/agEA?usid=clear2&email=jennasu (...) 104.21.34.109
2023-03-13 08:05:34 UTC 0 - 0 - 1 dateexotic.com/agEA?usid=d0348v1gnj6s&email=f (...) 172.67.159.164
2023-03-11 22:30:47 UTC 0 - 4 - 0 jfb2ya109uawtest3.pracovdlotal.tk/TSKtBH6B?ke (...) 188.114.97.1
2023-03-09 11:04:48 UTC 0 - 4 - 0 wkz57ttf23llwtest3.mojolbonpta.tk/TSKtBH6B?ke (...) 104.21.57.123
2023-03-08 11:41:58 UTC 0 - 0 - 1 dateexotic.com/agEA?usid=30tualj1bls4t&email= (...) 104.21.34.109

JavaScript

Executed Scripts (10)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (49)


Request Response
                                        
                                            GET /-QIA HTTP/1.1 
Host: funkydaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             104.21.83.86
HTTP/1.1 200 OK
Content-Type: text/html
                                            
Date: Mon, 06 Mar 2023 16:05:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E1NZlCDTL%2Fs%2B8icROoGv2mskSgTzXZZXgQv3Tzh6bQ4yetiPAJkqIxACpZo6EOzJnrJ9OkiXHtBlFwvbW%2B6CDPkk7EM4XMa2g%2FNTj3D4E7K6WzhKPgfHRmWSBf%2F8g9%2FQck%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3bd7684c01b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   960
Md5:    f3de3fe5d7a73390aa87dc822e9647c6
Sha1:   1480de2bf8d55fcc01f4431b61f72b17712a3c42
Sha256: 1e8034e3e8002e04ce2d08b521223cacaf3a2a43905b889d941ea3f9ac6b103e

Blocklists:
  - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12793
Expires: Mon, 06 Mar 2023 19:38:52 GMT
Date: Mon, 06 Mar 2023 16:05:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "88C132AB9697F01E979E74208E0AE12EC410C26B7A79F0CEAD4F9C8F86D12FDA"
Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9568
Expires: Mon, 06 Mar 2023 18:45:07 GMT
Date: Mon, 06 Mar 2023 16:05:39 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Mar 2023 15:08:35 GMT
age: 3424
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    bc86ef2a0cee04915bc360f5821adc8f
Sha1:   3658f9028cce204d38f7f48fcfaa2a8e4f54383a
Sha256: aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19886
Expires: Mon, 06 Mar 2023 21:37:05 GMT
Date: Mon, 06 Mar 2023 16:05:39 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                            
x-amz-id-2: 4lcnfCdNumpvyR3AmoDwHW60y2vb2rqAmpX82AHI8gbN7jUnE0Z2S09vWrQNxTn29L5viS5owyQ=
x-amz-request-id: MR6CPM6REC7J88EZ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Mar 2023 15:17:12 GMT
age: 2907
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    b5ba6334e73496995e3e3a9ecd0eb323
Sha1:   ad80d3b7718c28364e8c2004fb38a13a1747e462
Sha256: aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
                                        
                                            GET /static/js/build/bd.js HTTP/1.1 
Host: funkydaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://funkydaters.com/-QIA

                                        
                                             104.21.83.86
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                            
Date: Mon, 06 Mar 2023 16:05:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7a3bd76a3e3eb518-OSL
Age: 60404
ETag: W/"static/js/build/bd.3ad9d77bdd.js"
Vary: Accept-Encoding
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVyZEQ1g7O%2BFlLS4E0MFBnX02WEbj2jUC92sasVnmuPPk5%2BMlj1rJp9lNKF8BwgVXFGLzJxeKLYf6o7k%2FMVAvuULBBRyRua%2B4UL6UT5VnIX06HwNvpkK9Tk9tRmtFgpLpUM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (8033)
Size:   3571
Md5:    896fa747a8832e6a6ac72bbbcfc917f6
Sha1:   67dc40632c900a9f84280f0898b308b8a6b3e3a5
Sha256: 6e8a3da2d10de2291c78a9b5c4924383914596d719f5a0390f8a4e38a78d9c2b

Blocklists:
  - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                            
server: nginx
date: Mon, 06 Mar 2023 16:05:39 GMT
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: funkydaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://funkydaters.com/-QIA

                                        
                                             104.21.83.86
HTTP/1.1 200 OK
Content-Type: image/gif
                                            
Date: Mon, 06 Mar 2023 16:05:39 GMT
Content-Length: 47
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWnrNaimuHFk4XufIKQ8xiYUCWI5Hrptk9xH87Ixe8hz00TAPVE49riBAt02D4fPXvWd%2B48jdGjJmvhVbyaK4c8pdV8cgN9DWykHQOPww6UZ4KuFs%2FwyZmB3i1J4tHa5yYo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3bd76b6fcfb518-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   47
Md5:    2f3ca1d38e8b18ef00c4a0eff0889cfc
Sha1:   2f28ed1ccf7c08cf22491757fe20385249db162e
Sha256: af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: ETag, Cache-Control, Expires, Alert, Content-Type, Pragma, Retry-After, Last-Modified, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Mar 2023 15:12:30 GMT
age: 3190
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "872F2081EF126A0358E196338A21F095C376652FEAA7CB9B2BFD6F3149838F60"
Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19992
Expires: Mon, 06 Mar 2023 21:38:52 GMT
Date: Mon, 06 Mar 2023 16:05:40 GMT
Connection: keep-alive

                                        
                                            GET /?r=aHR0cHM6Ly93d3cyLmZ1bmt5ZGF0ZXJzLmNvbS8tUUlBP2JkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjkmYnQ9MTY3ODExODczOSZidGg9MTA5OTgyNzEx&h=e22209dd594a11a1861c36d7837c826d HTTP/1.1 
Host: alexatracker.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://funkydaters.com/
Connection: keep-alive
Cookie: trbarid=1961819209973755621
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        
                                             172.67.204.112
HTTP/2 301 Moved Permanently
                                            
date: Mon, 06 Mar 2023 16:05:40 GMT
content-length: 0
location: https://www2.funkydaters.com/-QIA?bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&bt=1678118739&bth=109982711&tbsession=1961819209973755621&c=3195895249
set-cookie: trbarid=1961819209973755621;expires=Wed, 05 Mar 2025 16:05:40 GMT;secure;HttpOnly;SameSite=None;path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EV31IxVgH9rBYjooA33rORn9OfMKsgcup1WQiz0oVy45aotkCoCWvB6CPejsu8ZS3aqxkjBn6RMQTJcOzULc6%2BU%2BEif1YkNvoDHU37TUDsMXi1ltVYQjhxgAcvSefNQDXSFH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a3bd76e59fb1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P/oqaPnMPnwmOqU4Hmi1hw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        
                                             52.38.198.114
HTTP/1.1 101 Switching Protocols
                                            
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7Oi5gyJgzSKl7TmjqRf20vaI+QM=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "137CAA162A6A58017357AFBEEC15FDB24E91C189C4D294FAECF3650F1E01D092"
Last-Modified: Sun, 05 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19725
Expires: Mon, 06 Mar 2023 21:34:26 GMT
Date: Mon, 06 Mar 2023 16:05:41 GMT
Connection: keep-alive

                                        
                                            GET /XQAA/12058/oth?i=WkX3KmQGD1Q&u=1961819209973755621 HTTP/1.1 
Host: ero-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://funkydaters.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        
                                             185.151.246.147
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                            
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Mar 2023 16:05:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (467), with CRLF, LF line terminators
Size:   7099
Md5:    2f356cab54b90840815cca70a61204f5
Sha1:   c0a002071ddd7d31d4bee9f13d4cdadd9b4b4c5e
Sha256: bee687f8a923fa351797023056b4ce8386bde7e6f736ff1118894193fc4710aa
                                        
                                            GET /static/NgAA/css/styles.min.css HTTP/1.1 
Host: ero-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        
                                             185.151.246.147
HTTP/1.1 200 OK
Content-Type: text/css
                                            
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Mar 2023 16:05:41 GMT
Content-Length: 14054
Connection: keep-alive
Last-Modified: Wed, 20 Apr 2022 14:05:31 GMT
ETag: "6260132b-36e6"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (14050), with no line terminators
Size:   14054
Md5:    7c7128605b68dc5c5074066f7fe50087
Sha1:   a02bdf7787d753e9b92f703a1c94ffa67a7936df
Sha256: ec5c6e7c09b0f1e32e88152db7093221b0d4aa8a7d73e10c7e446f864d5ff4a6
                                        
                                            GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1 
Host: js.sentry-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ero-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             151.101.2.217
HTTP/2 200 OK
content-type: text/javascript
                                            
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 12
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Mar 2023 16:05:41 GMT
age: 22
x-served-by: getsentry-web-default-common-production-dc677479d-sjr99, cache-bma1676-BMA
vary: Accept-Encoding
timing-allow-origin: https://sentry.io
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1077
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (502)
Size:   1077
Md5:    f168a33e468d994bc37380cb6f1b9844
Sha1:   f07eee5b20ac9dc587e6c8a15a8ec3454a89ba26
Sha256: 38dec94c4484898bf5d2917c3d61ddcf77e2f2388122d2c4551607ffb1e664b0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 06 Mar 2023 16:05:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /7.41.0/bundle.es5.min.js HTTP/1.1 
Host: browser.sentry-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ero-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.2.217
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
cache-control: public, max-age=31536000
expires: Tue, 05 Mar 2024 12:59:58 GMT
last-modified: Mon, 06 Mar 2023 12:36:39 GMT
etag: "4e6de5ddb0cbc8b033560220b0b6cb7f"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Mar 2023 16:05:41 GMT
age: 11143
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20850
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64341)
Size:   20850
Md5:    4e6de5ddb0cbc8b033560220b0b6cb7f
Sha1:   04a10504d607dcf3a37bfa1355b06f9988906b81
Sha256: d728c7d19bd9664d409576ac95363b2a2f9e29f1e67294d87d93391acf0b58c9
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             142.250.74.170
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                            
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 13:36:02 GMT
expires: Fri, 01 Mar 2024 13:36:02 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
vary: Accept-Encoding
age: 354579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   31021
Md5:    903bc7a7e510f87aa5d0201eb59a0832
Sha1:   ac9aa4dd94cde1bcba9037e94087138b127e41fc
Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 06 Mar 2023 16:05:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.r2m02.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             143.204.48.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Mar 2023 16:05:41 GMT
Etag: "6400fc4c-1d7"
Last-Modified: Mon, 06 Mar 2023 08:36:09 GMT
Server: ECAcc (nya/79EB)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AvCagjIuiI37cD-kB-iAopiiZdBl0cXoAKpPZ_3FFYoXaRzpdoEvyw==
Age: 26972

                                        
                                            GET /mng/subs_window.css?ver=1672746357 HTTP/1.1 
Host: static.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             54.230.111.23
HTTP/2 200 OK
content-type: text/css
                                            
content-length: 6945
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Mar 2023 09:07:19 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZoK3zJuxkJT4qz1Q9FqTLir48GwKmmd_qF9ZF_Vay1f49f-G4abBjA==
age: 25140
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   6945
Md5:    bd7dbae15f904a4e1213439ebfefddbe
Sha1:   9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
Sha256: 30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.r2m02.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             143.204.48.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86133
Date: Mon, 06 Mar 2023 16:05:41 GMT
Etag: "64039f49-1d7"
Expires: Tue, 07 Mar 2023 16:01:14 GMT
Last-Modified: Sat, 04 Mar 2023 19:43:05 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: n3RLiusxtE5mfXDZ1jDNaWHU5g5oBfpPkCVDFAl0rucudQ226mjqzw==
Age: 73089

                                        
                                            POST / HTTP/1.1 
Host: ocsp.r2m02.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             143.204.48.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Mar 2023 16:05:41 GMT
Last-Modified: Sun, 05 Mar 2023 17:32:10 GMT
Server: ECAcc (bsa/EAE4)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OslHl_cBXReNF2fGSmJeB7XDGykN0zuWQ8pT2LhWcrytpVqtyUg1jA==
Age: 81212

                                        
                                            GET /-QIA?bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&bt=1678118739&bth=109982711 HTTP/1.1 
Host: www2.funkydaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://funkydaters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        
                                             172.67.218.62
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                            
date: Mon, 06 Mar 2023 16:05:40 GMT
location: https://alexatracker.com/?r=aHR0cHM6Ly93d3cyLmZ1bmt5ZGF0ZXJzLmNvbS8tUUlBP2JkYXRhPWV5SmtZWFJoSWpwN0luQnNZWFJtYjNKdElqb2lUR2x1ZFhnZ2VEZzJYelkwSW4wc0ltVjRkSEpoSWpwN0lrNWhkbWxuWVhSdmNpNXdiR0YwWm05eWJTSTZXeUpNYVc1MWVDQndiR0YwWm05eWJTQmhibVFnVjJsdVpHOTNjeUIxYzJWeUlHRm5aVzUwSUdSdklHNXZkQ0J0WVhSamFDSmRmU3dpWlhKeWIzSnpJanA3SW1sbWNtRnRaU0k2V3lKallXNG5kQ0JoWTJObGMzTWdjSEp2Y0dWeWRIa2dYQ0poY0hCbGJtUkRhR2xzWkZ3aUxDQmtiMk4xYldWdWRDNWliMlI1SUdseklHNTFiR3dpWFN3aVkyRnVkbUZ6WDJOdmJuUmxlSFFpT2xzaVJtRnBiR1ZrSUhSdklHZGxkQ0JqWVc1MllYTWdZMjl1ZEdWNGRDSmRmU3dpWW05MFUyTnZjbVVpT2lJeU5DSjkmYnQ9MTY3ODExODczOSZidGg9MTA5OTgyNzEx&h=e22209dd594a11a1861c36d7837c826d
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AP%2FPz%2FOF302kSW%2BOwoVnDPVnpmbSaLLu7FjzjWYYnK1LSBFOXCpo6YvbL12vghGAjY0%2Bej4Euh3YR56VyKBGhRKIUy1Vcd%2BswRHnAfCykeySPeTQPi%2BlNSuudjYzUPN28mIaxhtj9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a3bd76aec210b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   22787
Md5:    3b6653c5e8ba364d3a55401890bfcd78
Sha1:   ee999f16f02d41b93d1db2bf3a489fab1034e67a
Sha256: a598ef0100e73e2d81969e0a59374e915ccfe7c312603b4b1375bbd0e75498d5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "83208678E6DC01431FBF2CF808BD3DB6F55254CC8F67F1FF95512599C766012D"
Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20299
Expires: Mon, 06 Mar 2023 21:44:00 GMT
Date: Mon, 06 Mar 2023 16:05:41 GMT
Connection: keep-alive

                                        
                                            GET /mng/subs_window.js?ver=1672746357 HTTP/1.1 
Host: static.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             54.230.111.23
HTTP/2 200 OK
content-type: application/javascript
                                            
content-length: 19491
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Mar 2023 04:17:42 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zRNNSfjOzRV8CquPjFEpDQgKRxlFK6YQUUEszW6c2VDBasA87erEpA==
age: 42516
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   19491
Md5:    ae593f4be1dd1f0710123918b49c4933
Sha1:   66fbe30bb873e0a47d3d72e737d68aa4b6916c26
Sha256: fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206
                                        
                                            POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.41.0 HTTP/1.1 
Host: o65532.ingest.sentry.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ero-cupid.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://ero-cupid.com
Content-Length: 426
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             34.120.195.249
HTTP/2 200 OK
content-type: application/json
                                            
server: nginx
date: Mon, 06 Mar 2023 16:05:41 GMT
content-length: 2
access-control-allow-origin: https://ero-cupid.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /worker.js HTTP/1.1 
Host: ero-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             185.151.246.147
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                            
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Mar 2023 16:05:41 GMT
Content-Length: 83
Connection: keep-alive
Last-Modified: Mon, 03 Jan 2022 14:14:05 GMT
ETag: "61d304ad-53"
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   83
Md5:    64017acd2edfab8cbd7907f8e6540a0d
Sha1:   46da5f5bcebaea63581f01bab1701bb23981e7dc
Sha256: 1880d7fa83d8e3a777ffd08aa61ca4a95174d1b9c30aecad1fa387a269c4dd0c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "83208678E6DC01431FBF2CF808BD3DB6F55254CC8F67F1FF95512599C766012D"
Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20299
Expires: Mon, 06 Mar 2023 21:44:00 GMT
Date: Mon, 06 Mar 2023 16:05:41 GMT
Connection: keep-alive

                                        
                                            GET /mng/channels/sw.min.js HTTP/1.1 
Host: static.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ero-cupid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             54.230.111.23
HTTP/2 200 OK
content-type: application/javascript
                                            
content-length: 6277
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Mar 2023 07:52:15 GMT
etag: "03b71607d0eb65df0c65a3d5fece3706"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hlyY2GU1CVv7qSdRkdlJXd3CMsmRaWsNWgozzzQrHhaBiBmohxoZyQ==
age: 29607
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   6277
Md5:    03b71607d0eb65df0c65a3d5fece3706
Sha1:   871375fc1daff080ef7657a83058cbbe674d62e9
Sha256: 1a59bbb1f7d210cbcad77e4fa12797ac225f574c2d65b72ed3695719f6e84caf
                                        
                                            GET /user-id?nbl=&impression=WkX3KmQGD1Q&trustLevel=0&botScore=0&finishClicksCount=0&landingConfig=&landingPageConfig=&extraRequestData=&showedPops=0&uri=https%3A%2F%2Fero-cupid.com%2FXQAA%2F12058%2Foth%3Fi%3DWkX3KmQGD1Q%26u%3D1961819209973755621&search=%3Fi%3DWkX3KmQGD1Q%26u%3D1961819209973755621&contactExists=false HTTP/1.1 
Host: ero-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: slappInfo64_WkX3KmQGD1Q=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJXa1gzS21RR0QxUSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwibGFuZGluZ1BhZ2VDb25maWciOm51bGwsImV4dHJhUmVxdWVzdERhdGEiOm51bGwsInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vZXJvLWN1cGlkLmNvbS9YUUFBLzEyMDU4L290aD9pPVdrWDNLbVFHRDFRJnU9MTk2MTgxOTIwOTk3Mzc1NTYyMSIsInNlYXJjaCI6Ij9pPVdrWDNLbVFHRDFRJnU9MTk2MTgxOTIwOTk3Mzc1NTYyMSIsImNvbnRhY3RFeGlzdHMiOmZhbHNlfQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                        
                                             185.151.246.147
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                            
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Mar 2023 16:05:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: userid=8661537d7539bc0e9404e0e8dddba5f0055b5ddf9e267d99c0e7136a03e6712ba%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A820990013561%3B%7D; expires=Wed, 06-Mar-2024 12:22:21 GMT; Max-Age=31609000; path=/; HttpOnly; SameSite=Lax
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   38
Md5:    3fe65ce4c5065e4c048c6f674808d014
Sha1:   bbb9847b1d81b65db17cf9a7b0c647c8db7af2da
Sha256: 7cbab70f6f353b822de516dc7bdd301b391691990f1e542ddc2ce1cc7cff4051
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3963
Expires: Mon, 06 Mar 2023 17:11:44 GMT
Date: Mon, 06 Mar 2023 16:05:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3963
Expires: Mon, 06 Mar 2023 17:11:44 GMT
Date: Mon, 06 Mar 2023 16:05:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3963
Expires: Mon, 06 Mar 2023 17:11:44 GMT
Date: Mon, 06 Mar 2023 16:05:41 GMT
Connection: keep-alive

                                        
                                            POST /stats HTTP/1.1 
Host: ero-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 402
Origin: https://ero-cupid.com
Connection: keep-alive
Cookie: slappInfo64_WkX3KmQGD1Q=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJXa1gzS21RR0QxUSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6bnVsbCwibGFuZGluZ1BhZ2VDb25maWciOm51bGwsImV4dHJhUmVxdWVzdERhdGEiOm51bGwsInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vZXJvLWN1cGlkLmNvbS9YUUFBLzEyMDU4L290aD9pPVdrWDNLbVFHRDFRJnU9MTk2MTgxOTIwOTk3Mzc1NTYyMSIsInNlYXJjaCI6Ij9pPVdrWDNLbVFHRDFRJnU9MTk2MTgxOTIwOTk3Mzc1NTYyMSIsImNvbnRhY3RFeGlzdHMiOmZhbHNlLCJldmVudCI6ImxvYWQiLCJkYXRhIjp7InJlc3BvbnNlU3RhcnQiOjE0NjYsImRvbUludGVyYWN0aXZlIjoxODk5LCJkb21Db21wbGV0ZSI6MTkxN319
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                        
                                             185.151.246.147
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                            
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Mar 2023 16:05:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (364), with no line terminators
Size:   364
Md5:    cee10ab583dc227533f1a475034420ec
Sha1:   609258660da7a3f1b22bdfed8b1003c9b8a631e9
Sha256: f5bf8a5a2a61e984af40f7252daf5a4dcfa52b39803ac2a637dcc6a106f82a05
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 8161
x-amzn-requestid: c9201eea-8216-4a14-803c-b947465f327c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6k1GA4oAMFpkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050aeb-4c2595df7964fd650a9de81f;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: QmcXVosHU7BBbvg9sgjmx-h4g8OCN024Oj-VkOUc0GdMgaF0WesCJg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:21:04 GMT
age: 63877
etag: "dbae31696a00f5f6c8495de0983ff8a08e77f970"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8161
Md5:    69536c57b14c2419255e2386dd07e825
Sha1:   dbae31696a00f5f6c8495de0983ff8a08e77f970
Sha256: 7e09f086bc5f848e3ff503a2ab61392a57a0149af47f20415e5adeb2408e02e5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "E5805F2922506BD022A7FE734D1022156241E88653EA5D16D5A698AC7067828B"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3963
Expires: Mon, 06 Mar 2023 17:11:44 GMT
Date: Mon, 06 Mar 2023 16:05:41 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c09ef55-602f-4eb8-aa1a-e701b5dc7903.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 6155
x-amzn-requestid: 99998e44-c2f0-4973-bede-44c33036ba4d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU7U7HA-oAMFQww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050c1f-7f8fe3f96531b57c69584754;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:39:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: zEWUxG77GT-uaewuPLzCl7DptXf5xbmQtBX7_tEaichah3kC3tmKAA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:16:07 GMT
age: 64174
etag: "1099ae20c50109211fc9318ece50a784fec998f9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6155
Md5:    02cd95c30a65a0c80928e653abedeefa
Sha1:   1099ae20c50109211fc9318ece50a784fec998f9
Sha256: 08162a68f91d9149ace613460e3dfae80ceac1dbe505c79642138032100335bb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18bfa351-16bf-432a-ae68-78856a5cd3cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 7283
x-amzn-requestid: 40be1d2c-3b61-4f66-9513-2533032e56a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU7MIFGRoAMFghA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050be6-58eee1715cb9256849b7cece;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: t4S1VMsPXAyAlHs40CbmTZJ5jBeFn6aCD6W4yP88zkte6x8GJkA1TA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:45:50 GMT
age: 65991
etag: "579dd82050cba63d527e066ef0b67e3d015994e3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7283
Md5:    41701ffc7b7299a6eeb3d0a3d5e191c8
Sha1:   579dd82050cba63d527e066ef0b67e3d015994e3
Sha256: 6769a7226568cad7489b72e861a6add459efa885f78ba6ed3cf3275ce4ffb1bb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 10332
x-amzn-requestid: bcb59433-4093-4bb3-b6d3-69f5489d5ef9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6iVE07oAMF28A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050adb-757a083b7be05f886d8d6edc;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 034zEZAbWUmixhooZf4KqxdabRAyWiMDzsMzTkNX29m1SZjQqiWywQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:07:33 GMT
age: 64688
etag: "c912f5fcb7985842877c76686c6bcd356b5977ff"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10332
Md5:    9ab3964124c43755909f9891e162d3c7
Sha1:   c912f5fcb7985842877c76686c6bcd356b5977ff
Sha256: 34627773ad1d710b054986c725eb8e8a4c7d8fbac31e6724e83217dc06cfaaad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Qd5FIKUZwnnKiIzEnrA7ZcC_yWa9_iP1r7xUaCP4f6I7m_z3ChB-2A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 07:29:19 GMT
age: 30982
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3381
Md5:    4726917eabc29a977873ad26e264e70d
Sha1:   4619a0418ee08d6618ead537f31823c98f355b5a
Sha256: d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd016e3e-cec7-484b-8151-f72ea54dc958.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 7250
x-amzn-requestid: 5ae814e4-592b-4811-a724-d807b69ebd2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6hUHslIAMF26w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050ad4-051cb0632863689209d81d45;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 66AYoAs_rFJQ7dwagQyaBCAFJtuuOS3FcIgNT6es0h3cAITyEaYTTQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:42:16 GMT
age: 66205
etag: "c649916591826b4db490b98cbe530533818daf0d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7250
Md5:    49dbeca46074e859a5a2958fdec9b28b
Sha1:   c649916591826b4db490b98cbe530533818daf0d
Sha256: cb33caa142deb6570ce9e8a382d7fce45ba0101cdbc65ee6319dd23693f22086
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ero-cupid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: slappInfo64_WkX3KmQGD1Q=eyJuYmwiOm51bGwsImltcHJlc3Npb24iOiJXa1gzS21RR0QxUSIsInRydXN0TGV2ZWwiOjAsImJvdFNjb3JlIjowLCJmaW5pc2hDbGlja3NDb3VudCI6MCwibGFuZGluZ0NvbmZpZyI6eyJ0cmFmZmljV2l0aEVtYWlsQ2FzY2FkZUlkIjp0cnVlLCJyZWFsVXNlcnNDYXNjYWRlSWQiOmZhbHNlLCJtYWluQ2FzY2FkZSI6dHJ1ZSwiYmFja0Nhc2NhZGUiOnRydWUsInNlY29uZENsaWNrQ2FzY2FkZSI6dHJ1ZSwicG9wc0Nhc2NhZGUiOnRydWUsInBvcHNDb3VudCI6MX0sImxhbmRpbmdQYWdlQ29uZmlnIjp7ImJhbm5lckNvZGUiOiIiLCJiYW5uZXJQb3NpdGlvbiI6MX0sImV4dHJhUmVxdWVzdERhdGEiOnsic3ViaWQxIjoiMTExIiwic3ViaWQyIjoiIiwic3ViaWQzIjoiIiwic3ViaWQ0IjoiIiwic3ViaWQ1IjoiIiwicGhvbmUiOiIiLCJlbWFpbCI6InppbmdlckBzbHVycG1haWwubmV0In0sInNob3dlZFBvcHMiOjAsInVyaSI6Imh0dHBzOi8vZXJvLWN1cGlkLmNvbS9YUUFBLzEyMDU4L290aD9pPVdrWDNLbVFHRDFRJnU9MTk2MTgxOTIwOTk3Mzc1NTYyMSIsInNlYXJjaCI6Ij9pPVdrWDNLbVFHRDFRJnU9MTk2MTgxOTIwOTk3Mzc1NTYyMSIsImNvbnRhY3RFeGlzdHMiOmZhbHNlLCJldmVudCI6ImxvYWQiLCJkYXRhIjp7InJlc3BvbnNlU3RhcnQiOjE0NjYsImRvbUludGVyYWN0aXZlIjoxODk5LCJkb21Db21wbGV0ZSI6MTkxN30sImx1aWQiOjgyMDk5MDAxMzU2MX0=; userid=8661537d7539bc0e9404e0e8dddba5f0055b5ddf9e267d99c0e7136a03e6712ba%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22userid%22%3Bi%3A1%3Bi%3A820990013561%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        
                                             185.151.246.147
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                            
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Mar 2023 16:05:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   43
Md5:    384ca34aa16dc6ce293be59be14debee
Sha1:   8e534edfbebe4b1a7021bd042dafb9bb724653fe
Sha256: 3452525005a4a39d8f274e312a7a28b6c081bd6d68b5ccce3b1bedd2721b79ea
                                        
                                            POST / HTTP/1.1 
Host: ocsp.r2m01.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             143.204.48.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Mar 2023 16:05:41 GMT
Last-Modified: Sun, 05 Mar 2023 20:17:31 GMT
Server: ECAcc (nya/7958)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -sRGhLkJ_ZCeXqhAf_pVw4Rg0rPVlF0J8pP_acHoKP0n0fsT2P3-og==
Age: 71290

                                        
                                            POST / HTTP/1.1 
Host: ocsp.r2m01.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             143.204.48.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Mar 2023 16:05:41 GMT
Last-Modified: Sun, 05 Mar 2023 20:14:42 GMT
Server: ECAcc (bsa/EAE4)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bY66IRLmLMicm6-gJCQ8POO1MIzN-ELBcoEBoa11W28QQ6eI7CxqXA==
Age: 71459

                                        
                                            OPTIONS /api/v1/code-snippet/ HTTP/1.1 
Host: manager.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: channel-token
Origin: https://ero-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             3.134.218.58
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                            
date: Mon, 06 Mar 2023 16:05:42 GMT
content-length: 0
server: gunicorn/19.9.0
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://ero-cupid.com
access-control-allow-headers: accept, accept-encoding, authorization, content-type, origin, x-csrftoken, x-requested-with, X-Push-Channel-Id, Channel-Token
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
X-Firefox-Spdy: h2

                                        
                                            GET /api/v1/code-snippet/ HTTP/1.1 
Host: manager.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Channel-Token: NjNkMmRmNTQ2ZmEzOTBmZDIzMzI5OWM1ZGZmYzZkZGE9MTM4NzU9Lz0zMzM=
Origin: https://ero-cupid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             3.134.218.58
HTTP/2 200 OK
content-type: application/json
                                            
date: Mon, 06 Mar 2023 16:05:42 GMT
content-length: 1190
server: gunicorn/19.9.0
vary: Accept, Origin
allow: GET, POST, HEAD, OPTIONS
x-frame-options: DENY
access-control-allow-credentials: true
access-control-allow-origin: https://ero-cupid.com
x-content-type-options: nosniff
referrer-policy: same-origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (1190), with no line terminators
Size:   1190
Md5:    325a240ab410859755c6e022b348f1b8
Sha1:   42384aef29bd0eefa66d1104d582c5d8d79af0ac
Sha256: f40776e1ac73deaba5bcdac3eca6dc3c7e4fefab6218ad277e6087d1cc7fa39a