findher2date.com/tds/ae?tdsId=s0278yas_r&tds_campaign=s0278yas&utm_sub=opnfnl&s1=ps&utm_source=intc&affid=4641276d&subid=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&clickid=wlkp2uu78i0p1gql2egfhpm2&subid2=Mainstream
18.193.35.39302 Found 0 B URL HTTP/1.1 findher2date.com/tds/ae?tdsId=s0278yas_r&tds_campaign=s0278yas&utm_sub=opnfnl&s1=ps&utm_source=intc&affid=4641276d&subid=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&clickid=wlkp2uu78i0p1gql2egfhpm2&subid2=Mainstream
IP 18.193.35.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds/ae?tdsId=s0278yas_r&tds_campaign=s0278yas&utm_sub=opnfnl&s1=ps&utm_source=intc&affid=4641276d&subid=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&clickid=wlkp2uu78i0p1gql2egfhpm2&subid2=Mainstream HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 11 Jan 2023 00:46:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
Set-Cookie: dci=ebbd8678ee2b29569b58e88bf728929a0339cc75; Max-Age=31536000; Domain=.findher2date.com; Path=/; Expires=Thu, 11 Jan 2024 00:46:50 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Mon, 16 Jan 2023 00:46:50 GMT
Location: https://findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8002
Expires: Wed, 11 Jan 2023 03:00:12 GMT
Date: Wed, 11 Jan 2023 00:46:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1f67827b21be68d925837dd729590f2d
dc24511141f5352e496b300d7d7e81b0cffb7475
afb1850e7c16f02d267a1310f1681367ecf598816fc62bd02447ffcd26117a9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFB1850E7C16F02D267A1310F1681367ECF598816FC62BD02447FFCD26117A9F"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2198
Expires: Wed, 11 Jan 2023 01:23:28 GMT
Date: Wed, 11 Jan 2023 00:46:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 10 Jan 2023 23:48:34 GMT
content-type: application/json
age: 3496
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8ccb7b2b89aec333fabc04d37337892
c2a13a42c1bd0cf7ce68d9c13b3d6ba1044b5283
75fcc3ea090454e3489a131b70ab50798fec6a08664745027d7a1cf62c6aba28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75FCC3EA090454E3489A131B70AB50798FEC6A08664745027D7A1CF62C6ABA28"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2474
Expires: Wed, 11 Jan 2023 01:28:04 GMT
Date: Wed, 11 Jan 2023 00:46:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7rxkOyIh7O7zdZYKsf34A1aUKt6sLLV79RGOe+5VU8loj5jqxN5gWtn+fC6JGOhwuVQoGyHrd7k=
x-amz-request-id: 9W5943NSR7MZRSSV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 11 Jan 2023 00:16:50 GMT
age: 1800
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 00:46:50 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 11 Jan 2023 00:33:45 GMT
age: 785
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash edc967dd942ff1fe6d79b7c0017a71b9
9594fb3f38e29c7fba615d25dcce820de1b14c35
84ea64a12663c9b3ba70490ab53149b813d48e66db90b0acddd95aa7212475b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 11 Jan 2023 00:46:50 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LRX0Qh1OiAgCvgWqvKfQbeL9CE0zUV_R-RaDAdmM7O_WDQ7hHk1OhA==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a831a999b5e598b4e9f4e31e8054ca7c
9971a4a806f48777ae6d9525085d16d0c6314c51
cdffa8dd48e75baa98670f82dfac2b3948667ca32dd93f469d2cd49d3a58581c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5561
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 00:46:51 GMT
Last-Modified: Tue, 10 Jan 2023 23:14:10 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
findher2date.com/bridge/intg.js?v=8
3.125.187.5200 OK 269 B URL HTTP/2 findher2date.com/bridge/intg.js?v=8
IP 3.125.187.5:0
Hash 8c8514ed7eae8968b59692f7897f2857
69e9f6e0625ef8bf0a4099b05f7356587e3e62be
556f2a46047c9b8dedbae5ef8c59dc7ea04ff88e76d7dcda568f1eb2dce03548
Analyzer Verdict Alert fortinet Phishing
GET /bridge/intg.js?v=8 HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:51 GMT
content-type: application/javascript; charset=UTF-8
content-length: 269
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 28 Dec 2022 12:21:19 GMT
etag: W/"10d-18558ae0a18"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 00:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.202.152.202101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.202.152.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xNLa4XQQDmqV2C1PJ/2DlA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cFOPMZ4nIglSwPRNEPncfX7hSMg=
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4869dd33e55646a13f30e71c4e677a6e
bbbac08ceb5f444c9e6ec277dbfa280ec788fa8e
a5ad5a0bf5db110a5a24570a5b3426566aa90b14f2bbfdfd35d0869589be52c4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 11 Jan 2023 00:46:51 GMT
Last-Modified: Tue, 10 Jan 2023 23:06:11 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gQP0iqY4i12FS-CCh-1f4vOT0bAyyNpdZs1oYWPZfyhA_LT7mDOA9Q==
Age: 6040
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 00:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
findher2date.com/bridge/ao_loader.js
3.125.187.5200 OK 836 B URL HTTP/2 findher2date.com/bridge/ao_loader.js
IP 3.125.187.5:0
File type ASCII text, with very long lines (835)
Hash 05f233960b55dfe40742964902345911
e00af7d954b5032f95c32341794e0f4d73208bff
d5d65364c02602f4fae5c63195607cfff433ac59d4c7d756e4a0a2e6f33ccd19
Analyzer Verdict Alert fortinet Phishing
GET /bridge/ao_loader.js HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:51 GMT
content-type: application/javascript; charset=UTF-8
content-length: 836
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 28 Dec 2022 12:21:19 GMT
etag: W/"344-18558ae0a18"
vary: Accept-Encoding
X-Firefox-Spdy: h2
findher2date.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Ffindher2date.com%2Fjump%3Futm_content%3Dts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2%26tds_rt%3D%26tds_host%3Dfindher2date.com%26dci%3Debbd8678ee2b29569b58e88bf728929a0339cc75%26id%3D23302%26_tgUrl%3DaHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw%26tds_ac_id%3Ds0278yas%26utm_source%3Dintc%26utm_campaign%3D4641276d%26tds_cid%3D6c55df27420b2b6b4dc81649d959bb2cb938d29b%26s3%3DMainstream%26tds_id%3Db0506rie_jump_a_1601039183809%26tds_ao%3D1%26data2%3Dwlkp2uu78i0p1gql2egfhpm2%26s1%3Dps%26tds_oid%3D23302%26tds_campaign%3Db0506rie&uaDataValues={}
3.125.187.5200 OK 292 kB URL HTTP/2 findher2date.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Ffindher2date.com%2Fjump%3Futm_content%3Dts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2%26tds_rt%3D%26tds_host%3Dfindher2date.com%26dci%3Debbd8678ee2b29569b58e88bf728929a0339cc75%26id%3D23302%26_tgUrl%3DaHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw%26tds_ac_id%3Ds0278yas%26utm_source%3Dintc%26utm_campaign%3D4641276d%26tds_cid%3D6c55df27420b2b6b4dc81649d959bb2cb938d29b%26s3%3DMainstream%26tds_id%3Db0506rie_jump_a_1601039183809%26tds_ao%3D1%26data2%3Dwlkp2uu78i0p1gql2egfhpm2%26s1%3Dps%26tds_oid%3D23302%26tds_campaign%3Db0506rie&uaDataValues={}
IP 3.125.187.5:0
Size 292 kB (291749 bytes)
Hash 00ff9a16bb25da001e50706b6dbbb7f3
a0acd2f42b6836e8789f76abae5b6d79c56abdf6
a48cd8ae848ea052feb5802e0a9deeeba0ab2354d3edc17de5d46e8190b2746f
GET /ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Ffindher2date.com%2Fjump%3Futm_content%3Dts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2%26tds_rt%3D%26tds_host%3Dfindher2date.com%26dci%3Debbd8678ee2b29569b58e88bf728929a0339cc75%26id%3D23302%26_tgUrl%3DaHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw%26tds_ac_id%3Ds0278yas%26utm_source%3Dintc%26utm_campaign%3D4641276d%26tds_cid%3D6c55df27420b2b6b4dc81649d959bb2cb938d29b%26s3%3DMainstream%26tds_id%3Db0506rie_jump_a_1601039183809%26tds_ao%3D1%26data2%3Dwlkp2uu78i0p1gql2egfhpm2%26s1%3Dps%26tds_oid%3D23302%26tds_campaign%3Db0506rie&uaDataValues={} HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:51 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"76c31-Albg8uhj8oLGG5mnIkP0JGDok0A"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
findher2date.com/ao.js
3.125.187.5200 OK 2.2 kB IP 3.125.187.5:0
Hash 6e8dba6838cc9187759397223ef05e7a
cf7e97e2651d9f189a07cefbe9d836b120c5c41c
27269684f93f13af1bcb712fb89afa42f1eb1443d42d7f44f81eecee66a1e774
Analyzer Verdict Alert fortinet Phishing
GET /ao.js HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:51 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 28 Dec 2022 12:21:19 GMT
etag: W/"1509-18558ae0a18"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6b11b6253aaf522320ab85bcb5a7ae3e
12caaeaf823a0ce97549d4bf2cc727c135313b22
6539b16feab0102e166ffb63e5a5f8dc2e917053d430f093f4e99687ce716324
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 00:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 00:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
142.250.74.168200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP 142.250.74.168:0
File type ASCII text, with very long lines (4073)
Hash ab0aa3dc225d1d2a11f13646312c2df4
cfadfa6a9b76f7bcb7001c9cb2899830188bfcbd
1c08f9f82f02b9e6820f1a118b815519b7790e7bd0c54976a573354df603693c
GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 11 Jan 2023 00:46:51 GMT
expires: Wed, 11 Jan 2023 00:46:51 GMT
cache-control: private, max-age=900
last-modified: Wed, 11 Jan 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
findher2date.com/bridge/crypto-4.1.1.js
3.125.187.5200 OK 40 kB URL HTTP/2 findher2date.com/bridge/crypto-4.1.1.js
IP 3.125.187.5:0
Hash aa6ac3ed606eec92790120dcc19da49a
4e26640de12000afb8f70908f200b29bf9aa6eea
49923b7dd5a341ea87f6b6adbd6e029ea9b2451cc61fb31e8c07208131e8d867
Analyzer Verdict Alert fortinet Phishing
GET /bridge/crypto-4.1.1.js HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:51 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 28 Dec 2022 12:21:19 GMT
etag: W/"bde2-18558ae0a18"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn3reference.com/landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css
54.230.111.104200 OK 1.2 kB URL HTTP/2 cdn3reference.com/landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css
IP 54.230.111.104:0
Hash 2dc05d447ba79f3dd581ce6076ffb1f3
c1e861f7deff243af8a957cc8efbb29bfddbbf7a
b9b40f58edfa216b69f986ea7b6a5a4c98ebdd6993b26325f2361fd71e4c846f
GET /landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Wed, 11 Jan 2023 00:46:51 GMT
last-modified: Tue, 02 Apr 2019 15:21:31 GMT
content-encoding: gzip
etag: W/"5c1-5858db10f34c0"
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iCrwiJcSmLjaayAoVC7tDxzudBAzPWJfwn3URXjlDtjdvWNY3i2rJg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 00:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 717e46c67f1d7a8ed063b7a549838f8e
101c70474277ecf8e100263c8475ee27b2926c52
9d9163281abf23d2a036a7ecc974b212e711ace76e015238d77e3c215bafac0f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 11 Jan 2023 00:46:52 GMT
Last-Modified: Wed, 11 Jan 2023 00:05:22 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vaIs5LdygZgpt1ZtUs7QpSB1q4oRE1jLukXs555s3G0pMbwbyxAmQg==
Age: 2490
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b78bb80d4b9c0f5b434f1bb2ecdebb51
7407a21a41e7750f74eca5a85d274f6fd01225fa
9a46cf2328b20a3f2d47481221aecd56d700f440287bc334b7123793c19f163b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 00:46:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js
142.250.74.3200 OK 11 kB URL HTTP/2 www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (40876)
Hash 5df942bc55c20f421cf56876855ced51
61e1c33b26d5a693425a8c229f90b1ea39736f29
3fb9f58427a7229af7bfb3c37e2f9718ba1e8776c368a80c511c6e27466d4932
GET /firebasejs/8.6.8/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10869
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 16:55:50 GMT
expires: Fri, 05 Jan 2024 16:55:50 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jul 2021 23:11:55 GMT
content-type: text/javascript; charset=UTF-8
age: 460262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b78bb80d4b9c0f5b434f1bb2ecdebb51
7407a21a41e7750f74eca5a85d274f6fd01225fa
9a46cf2328b20a3f2d47481221aecd56d700f440287bc334b7123793c19f163b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 00:46:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn3reference.com/landings/23302/images/bg-web2.jpg
54.230.111.104200 OK 134 kB URL HTTP/2 cdn3reference.com/landings/23302/images/bg-web2.jpg
IP 54.230.111.104:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1813x809, components 3\012- data
Size 134 kB (134448 bytes)
Hash ef1a29775d4ead3628064718b908a24d
bdd05dca0cd677973768797fef9bf486a63b8929
650dc0654bd6a95350f544d863fc2a8cf6ac1010a9075b476febee2d861dc77b
GET /landings/23302/images/bg-web2.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3reference.com/landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 134448
server: nginx
date: Wed, 11 Jan 2023 00:46:51 GMT
last-modified: Tue, 02 Apr 2019 14:25:38 GMT
etag: "20d30-5858ce9347c80"
accept-ranges: bytes
cache-control: public, max-age=604800
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Iaevrdddmd0BrV9tUGORICG87rJHcSRDiMP8877aAgx8FPOFsk3vsA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15073
Expires: Wed, 11 Jan 2023 04:58:05 GMT
Date: Wed, 11 Jan 2023 00:46:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15073
Expires: Wed, 11 Jan 2023 04:58:05 GMT
Date: Wed, 11 Jan 2023 00:46:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15073
Expires: Wed, 11 Jan 2023 04:58:05 GMT
Date: Wed, 11 Jan 2023 00:46:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15073
Expires: Wed, 11 Jan 2023 04:58:05 GMT
Date: Wed, 11 Jan 2023 00:46:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15073
Expires: Wed, 11 Jan 2023 04:58:05 GMT
Date: Wed, 11 Jan 2023 00:46:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ab4088a-c5c2-4d36-82ce-a0b30cca3874.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ab4088a-c5c2-4d36-82ce-a0b30cca3874.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5db571afb21524342feeefa028b67ad6
66e685f9300fb4b88b0eae81f1ec7c53d25856c0
3b1269ba068daccbd1b4052e66b380fedb3038a152e342fcf46ac34d733fbdb8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ab4088a-c5c2-4d36-82ce-a0b30cca3874.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9777
x-amzn-requestid: 6dbeed13-0c06-4106-92fb-10f0f84e3e76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaWouF1XIAMFenQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba6b04-6f476112593aa07c36b1de5a;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 07:04:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8aNogPFl7kihgLZSuQero9lZBGhN6QZUd9Mpln-xKdWVO248yZXp_w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 07:59:16 GMT
age: 60456
etag: "66e685f9300fb4b88b0eae81f1ec7c53d25856c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
retarget2core.com/fp/fp_ec.js
52.58.118.128200 OK 9.5 kB URL HTTP/2 retarget2core.com/fp/fp_ec.js
IP 52.58.118.128:0
Hash 81f72cd79ffbf17498683b8c8710dc27
72f55f1e403c91e4775de88866aad395f6855be3
9692b455f0144be73bd1b55e351ef9cddb8076496a778ef5c3a00683abc3126e
GET /fp/fp_ec.js HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:52 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 28 Dec 2022 12:21:19 GMT
etag: W/"4bd-18558ae0a18"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56de8a53fb494855ff7717eeb39c1fed
438999ac8d0853e235a2c0e0f404291961c891ab
357db338b2f6fcf434bdd9c2561f91d3fc7e5d42a92e5068402ce3eeb6fba412
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6400
x-amzn-requestid: f76c3961-a118-4639-a943-2ffbd3d28537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaD7hEEdoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba4d16-3881379864dcae085aa4fd4d;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 04:56:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmS2bnkBSYTi7rEZuQ_frZ6GwU-PHrD3GfDXv7rDkp_ytjR7c9FhWw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 09:21:14 GMT
age: 55538
etag: "438999ac8d0853e235a2c0e0f404291961c891ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
3.125.187.5200 OK 8.6 kB URL HTTP/2 findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
IP 3.125.187.5:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash e9f2470a22b467c2f989b4e4eee885ae
0c8afb91849ffb943338ea76074d23cfe59b92cc
8338b416e31282cec73f8caf6e6b91a6ed76ffb822f61b680b415ef6ab2bba97
GET /jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:51 GMT
content-type: text/html; charset=UTF-8
server: nginx
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0913190-e31b-4c96-855f-2bfaad52069d.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0913190-e31b-4c96-855f-2bfaad52069d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6a452580682fb2abd0370e2ee18d22f
15535f98fb85395f43dfab21404ac3fd58145cef
cedd5a33be13d199a47980940000acf11bdededcf265c393a1a5c840c6783d15
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0913190-e31b-4c96-855f-2bfaad52069d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2998
x-amzn-requestid: 097bfe55-cf2d-4d2b-8df3-09f12bfb6ad3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaWouEKxoAMFQ9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba6b04-6bdfb86a2d6831746005d657;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 07:04:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QuOsDhluQb28l_OrZ7I_43B4DZhrrQEZUHcoHnrRvgA91kmCbSBxkQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 07:25:35 GMT
age: 62477
etag: "15535f98fb85395f43dfab21404ac3fd58145cef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d11194f94b91e55e976fc5d704afa55
eb6c7b73b80d2d41e6e4801a0b671e2a5c1cdf5b
66b01e33e1bc18d18e187632738f8ff49ef58a2d054367173c0570b7caa76260
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4116
x-amzn-requestid: 64c7b71c-74a5-4304-bab5-305de0e4c9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eON3PHCaoAMF_Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5902e-72ada40c0419baa7763c2441;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 14:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wrpetZbXyS3pCR4ZBK2XXJRHbg652psant3gpl9ALVEZcfPE1ez8xw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 03:55:51 GMT
age: 75061
etag: "eb6c7b73b80d2d41e6e4801a0b671e2a5c1cdf5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
findher2date.com/ufis/webpush/track?uaDataValues={}&networkGroup=
3.125.187.5200 OK 30 B URL HTTP/2 findher2date.com/ufis/webpush/track?uaDataValues={}&networkGroup=
IP 3.125.187.5:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1185
Origin: https://findher2date.com
Connection: keep-alive
Referer: https://findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:52 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
findher2date.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
3.125.187.5200 OK 30 B URL HTTP/2 findher2date.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
IP 3.125.187.5:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues=%7B%7D&networkGroup= HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://findher2date.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
content-type: application/json; charset=UTF-8
Origin: https://findher2date.com
Content-Length: 1246
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:52 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
findher2date.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
3.125.187.5200 OK 30 B URL HTTP/2 findher2date.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
IP 3.125.187.5:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues=%7B%7D&networkGroup= HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://findher2date.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
content-type: application/json; charset=UTF-8
Origin: https://findher2date.com
Content-Length: 1202
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:52 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,900,300%27%20rel=%27stylesheet%27%20type=%27text/css%27
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,900,300%27%20rel=%27stylesheet%27%20type=%27text/css%27
IP 142.250.74.74:0
GET /css?family=Lato:400,900,300%27%20rel=%27stylesheet%27%20type=%27text/css%27 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 00:46:51 GMT
date: Wed, 11 Jan 2023 00:46:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
findher2date.com/bridge/frodi_data.js
3.125.187.5200 OK 0 B URL HTTP/2 findher2date.com/bridge/frodi_data.js
IP 3.125.187.5:0
Analyzer Verdict Alert fortinet Phishing
GET /bridge/frodi_data.js HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:51 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 28 Dec 2022 12:21:19 GMT
etag: W/"19f8-18558ae0a18"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&j_type=open&jump=23302&jump_name=
52.58.118.128200 OK 0 B URL HTTP/2 retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&j_type=open&jump=23302&jump_name=
IP 52.58.118.128:0
GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&j_type=open&jump=23302&jump_name= HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:52 GMT
content-type: image/gif
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
set-cookie: dci=5ef0b1a69a49910668d648d573fad9c6935fcc80; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Thu, 11 Jan 2024 00:46:52 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
cdn3reference.com/images/jump-favicon.ico
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/images/jump-favicon.ico
IP 54.230.111.104:0
GET /images/jump-favicon.ico HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
server: nginx
date: Wed, 11 Jan 2023 00:46:52 GMT
last-modified: Fri, 05 Dec 2014 08:28:50 GMT
etag: W/"47e-50973ddc33480"
cache-control: public, max-age=604800
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e-9vLPoOeYZF8fWAZCxbz9gIRnZmsQDAOrZu1LghpFGPtVOh5MxiHw==
X-Firefox-Spdy: h2
findher2date.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
3.125.187.5200 OK 0 B URL HTTP/2 findher2date.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
IP 3.125.187.5:0
GET /ufis/webpush/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:52 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"35e5-ggvNzPbrS4iAvrqVuh7HqGhzYqo"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
findher2date.com/integration.js
3.125.187.5200 OK 0 B URL HTTP/2 findher2date.com/integration.js
IP 3.125.187.5:0
Analyzer Verdict Alert fortinet Phishing
GET /integration.js HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:51 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"713-fwbOUr7Eav7DiWJG4/Frry+SZa4"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
findher2date.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
3.125.187.5200 OK 0 B URL HTTP/2 findher2date.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
IP 3.125.187.5:0
GET /ufis/pwa/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:52 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"8a5-jxVx3HNgm8c2Bvxd6GQ6e3r2rSU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
findher2date.com/tds/interlayer?handler=FrodiData
3.125.187.5200 OK 0 B URL HTTP/2 findher2date.com/tds/interlayer?handler=FrodiData
IP 3.125.187.5:0
Analyzer Verdict Alert fortinet Phishing
POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: findher2date.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 1431
Origin: https://findher2date.com
Connection: keep-alive
Referer: https://findher2date.com/jump?utm_content=ts_b63cb9ef-f510-4ebb-aa47-aeec34d0fca2&tds_rt=&tds_host=findher2date.com&dci=ebbd8678ee2b29569b58e88bf728929a0339cc75&id=23302&_tgUrl=aHR0cHM6Ly9maW5kaGVyMmRhdGUuY29tL3Rkcy9hZS90Zy9zL2YwYTM1M2EzOWQ1ODU1NGYwMjczNzFiNDE4MmE5ZDZmP19fdD0xNjczMzk4MDEwMjQ2Jl9fbD0zNjAw&tds_ac_id=s0278yas&utm_source=intc&utm_campaign=4641276d&tds_cid=6c55df27420b2b6b4dc81649d959bb2cb938d29b&s3=Mainstream&tds_id=b0506rie_jump_a_1601039183809&tds_ao=1&data2=wlkp2uu78i0p1gql2egfhpm2&s1=ps&tds_oid=23302&tds_campaign=b0506rie
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 00:46:53 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
X-Firefox-Spdy: h2