r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8443
Expires: Sat, 28 Jan 2023 06:03:22 GMT
Date: Sat, 28 Jan 2023 03:42:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9741
Expires: Sat, 28 Jan 2023 06:25:00 GMT
Date: Sat, 28 Jan 2023 03:42:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 02:43:03 GMT
content-type: application/json
age: 3576
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2337
Expires: Sat, 28 Jan 2023 04:21:36 GMT
Date: Sat, 28 Jan 2023 03:42:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: g85dcOwawFrjQKpcQLDQczR/Ax/HcZ2/Bs4C283TZC1e320jn+cSIPJCBtJYe0VA301Nazh/6cs=
x-amz-request-id: 1PZ10RHZNKJ3RT7J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 02:49:39 GMT
age: 3180
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:42:39 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ph.hp1001.com/html/4_6150.html
72.52.179.174 200 OK 2.3 kB URL HTTP/1.1 ph.hp1001.com/html/4_6150.html
IP 72.52.179.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (634)
Hash eef4250777cf76578b5049f9c9fcef85
3b4d9445a0beef28344d0ad5a3fe9fd480bb80d3
b2b09fe66ccc31063131008c0f90c91d611a9f2230017402ff8964e647d80a01
Analyzer Verdict Alert fortinet Malware
GET /html/4_6150.html HTTP/1.1
Host: ph.hp1001.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 03:42:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 02:49:03 GMT
age: 3216
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ph.hp1001.com/page/bouncy.php?&bpae=GbhGtLsGvUx79rvvPZxGt%2FzQ0sl%2FkDSmmTv1NPfDDLBCAVr8v%2Fkjmt5zX4rhSb4opAXKaQASfdBoQCf%2Bz62N2SsPyoBmX2Np2Q5v1P%2F1XKvaadmzYjAD%2FbVhAMhUwqdw73viMgHu73NAfA%2BTiegD9IfqcUW4EeOKJX0Vu26D0kcynTUx7GzdZ%2BTXX6tnq7QzWFTNNXRkMdHJFm2tESFsqtrC%2FT0tt1cXgEusHQaYKoLiJPkF3LfDGHqOnoJ7eOR5mJNm7f0GJhjQZe8bQYfZieEoXt4cjW%2BY9tbMu6woV%2B%2FRHbQpZ%2FDNH1KyaJgEaucSGY7s7%2Bn0uc9bYw21fuy8kayo6%2FVRH2VWJ3e3xwngChpH%2FzC2Hgq05pGWOdLNi5lf5pSTlDUUKBuzqtXzDLNufkKqba187LAT%2BYMwy7CKCghmxdRU5gKwh0wY9ty72T69toH1huKJzoInpWm%2BTiYE9a9fqAf1td7Cps9zxyzPEMpEg96BZ1WclmatWdGm&redirectType=js&inIframe=false&inPopUp=false
72.52.179.174 200 OK 982 B URL HTTP/1.1 ph.hp1001.com/page/bouncy.php?&bpae=GbhGtLsGvUx79rvvPZxGt%2FzQ0sl%2FkDSmmTv1NPfDDLBCAVr8v%2Fkjmt5zX4rhSb4opAXKaQASfdBoQCf%2Bz62N2SsPyoBmX2Np2Q5v1P%2F1XKvaadmzYjAD%2FbVhAMhUwqdw73viMgHu73NAfA%2BTiegD9IfqcUW4EeOKJX0Vu26D0kcynTUx7GzdZ%2BTXX6tnq7QzWFTNNXRkMdHJFm2tESFsqtrC%2FT0tt1cXgEusHQaYKoLiJPkF3LfDGHqOnoJ7eOR5mJNm7f0GJhjQZe8bQYfZieEoXt4cjW%2BY9tbMu6woV%2B%2FRHbQpZ%2FDNH1KyaJgEaucSGY7s7%2Bn0uc9bYw21fuy8kayo6%2FVRH2VWJ3e3xwngChpH%2FzC2Hgq05pGWOdLNi5lf5pSTlDUUKBuzqtXzDLNufkKqba187LAT%2BYMwy7CKCghmxdRU5gKwh0wY9ty72T69toH1huKJzoInpWm%2BTiYE9a9fqAf1td7Cps9zxyzPEMpEg96BZ1WclmatWdGm&redirectType=js&inIframe=false&inPopUp=false
IP 72.52.179.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 88adb58948b12647c599615a5055254c
c91fec800d25281dd21c419da318fdfa6e0062e0
f07be2d1ecfec7049a9e3f7415cdc155d5a239c28895d0924002055816731e12
GET /page/bouncy.php?&bpae=GbhGtLsGvUx79rvvPZxGt%2FzQ0sl%2FkDSmmTv1NPfDDLBCAVr8v%2Fkjmt5zX4rhSb4opAXKaQASfdBoQCf%2Bz62N2SsPyoBmX2Np2Q5v1P%2F1XKvaadmzYjAD%2FbVhAMhUwqdw73viMgHu73NAfA%2BTiegD9IfqcUW4EeOKJX0Vu26D0kcynTUx7GzdZ%2BTXX6tnq7QzWFTNNXRkMdHJFm2tESFsqtrC%2FT0tt1cXgEusHQaYKoLiJPkF3LfDGHqOnoJ7eOR5mJNm7f0GJhjQZe8bQYfZieEoXt4cjW%2BY9tbMu6woV%2B%2FRHbQpZ%2FDNH1KyaJgEaucSGY7s7%2Bn0uc9bYw21fuy8kayo6%2FVRH2VWJ3e3xwngChpH%2FzC2Hgq05pGWOdLNi5lf5pSTlDUUKBuzqtXzDLNufkKqba187LAT%2BYMwy7CKCghmxdRU5gKwh0wY9ty72T69toH1huKJzoInpWm%2BTiYE9a9fqAf1td7Cps9zxyzPEMpEg96BZ1WclmatWdGm&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: ph.hp1001.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ph.hp1001.com/html/4_6150.html
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 03:42:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9397
Expires: Sat, 28 Jan 2023 06:19:17 GMT
Date: Sat, 28 Jan 2023 03:42:40 GMT
Connection: keep-alive
push.services.mozilla.com/
52.42.157.160 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.157.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DMLpMfEOi+tux6DXZ7Stgw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i0OVpuv/mImGI1rzR4hng2VdgZU=
ocsp.r2m02.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 6843891562ba7987aa29649d0a96fd3c
5d5b2cc383c48b50d4808f05ae0efd11d14d7236
72223100722b06ff5735c8ddde0fdb4c5512105c2633953b9250d9f723c9d016
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155170
Date: Sat, 28 Jan 2023 03:42:40 GMT
Etag: "63d454d2-1d7"
Expires: Sun, 29 Jan 2023 22:48:50 GMT
Last-Modified: Fri, 27 Jan 2023 22:48:50 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Wiql99vQgjKu0qCcypDUFDxc4sJ_b4Nd9vpdj6MfgArsJ2Vv-EFHEQ==
alia-iso.com/favicon.ico
54.237.193.255 404 Not Found 653 B IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcredirect?visitid=d0035405-9ebd-11ed-adc8-0a9bf28f7da7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 28 Jan 2023 03:42:41 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: xhqwcLCN
X-Firefox-Spdy: h2
alia-iso.com/zcvisitor/d0035405-9ebd-11ed-adc8-0a9bf28f7da7/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
54.237.193.255 200 OK 1.1 kB URL HTTP/2 alia-iso.com/zcvisitor/d0035405-9ebd-11ed-adc8-0a9bf28f7da7/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 96b1765ed98c1bd8b55acb72a8f84474
df5d3d30ad8038a11fd0fc68dca79cfd065d13de
129f95c77d152b51dd11b6de2116aba3befed1ebaa357afea5f84f30f36522b1
GET /zcvisitor/d0035405-9ebd-11ed-adc8-0a9bf28f7da7/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51 HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ph.hp1001.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:40 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: MitItehl
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
IP 142.250.74.131:0
Hash a219cb7209a13731db7a3f9d568f2a1e
de7bc983ff059fb6fc81e48e635c669148b6dbbc
40fcd69b41df16cba92ab9493a7061786eae475d737b97ac5f0389e7961d7e89
POST /s/gts1p5/1qjPNXlPzIY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 03:42:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16537
Expires: Sat, 28 Jan 2023 08:18:18 GMT
Date: Sat, 28 Jan 2023 03:42:41 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16537
Expires: Sat, 28 Jan 2023 08:18:18 GMT
Date: Sat, 28 Jan 2023 03:42:41 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16537
Expires: Sat, 28 Jan 2023 08:18:18 GMT
Date: Sat, 28 Jan 2023 03:42:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50175d32bf658166ca26db1633fdb95b
69bb6d345d73cd24fd33ad009cc1d3315e7d94e7
d3d3b551cc8b557a1f92a4d819cbb7ab618ef3fac9568f57513fb4905817dad4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5092
x-amzn-requestid: 05cd1dc0-54b4-457a-83f6-5f774e65766f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwH_toAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-3a038caa6435720711028ac9;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b8qwvqxTXSugeN2wjEA1e1E_bUeWOsEzMZOMHeX9FpCAVsRnltLhyw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:35 GMT
age: 20826
etag: "69bb6d345d73cd24fd33ad009cc1d3315e7d94e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2881cea3ae511d3dfd2f6b7cd598a4e
105d8d675aaafce5602e4015aee2d1659553d1b1
0993ef71c2af9e07ed09e0e2ba40a4d9fdd01444154c2f39f8fc48a4dfef1730
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10863
x-amzn-requestid: db873091-be76-4276-aa3e-f9bd44051508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbAMbHCMoAMFsYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4471c-57f14d6a3ebcc8a1788bae80;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00zN6NcdSHaq-4mWQeizXw9SDgUZJOFnB_6dTo6skjlytfBuz8ud3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:57:22 GMT
age: 20719
etag: "105d8d675aaafce5602e4015aee2d1659553d1b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 20755
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: baf2eddf-03cc-4af7-b799-c2c68b90d7a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUf4sFUYoAMFg6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1ad04-696c5dd015428f7429a5ccec;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 22:28:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dI2BG_eOmY3zIev7w_cnkk-Cy3nkXPmxA2o6htVQzaFGJfl0g6Q_iw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 16:14:27 GMT
age: 41294
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4afa01d2ffe17f8378e4c0b5afd4608
f5c7e2137efa07a207427a6b6fe1df541f85ea25
84fc0c05d25d674b5594b54720017332b86d391f66c7136d76cfce3e884e8e12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13375
x-amzn-requestid: 372fcbe8-85a1-4be2-a006-31fb9289c5e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CxF6BoAMFyGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-4b9860545c612cc416cbe599;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yEFlWGi3J14JLA0l2h02VlIqV8opHesKP6GOvfoP5Tp0m7dOYDxIGA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:59:32 GMT
age: 20589
etag: "f5c7e2137efa07a207427a6b6fe1df541f85ea25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d1a1e953f3f857726f15465313d082e5
1962e632f29d87d4f5455a29aa096eea057e15c0
a5b193f6de91c69c9e554f75dfa4a00f9cb8c47a26fdca61ed03ffe1dce7cc87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7637
x-amzn-requestid: f22c88bd-1eb9-47fa-aab1-95108b540f35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-D3HN1oAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b2-05068ae37469a90c2355b4ec;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 03aXePxD_sCOwoLYYvykhq0YDOjyTtuoljGYXU_7Wsue1dO-b7gnuw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:43 GMT
age: 20818
etag: "1962e632f29d87d4f5455a29aa096eea057e15c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
IP 142.250.74.131:0
Hash a219cb7209a13731db7a3f9d568f2a1e
de7bc983ff059fb6fc81e48e635c669148b6dbbc
40fcd69b41df16cba92ab9493a7061786eae475d737b97ac5f0389e7961d7e89
POST /s/gts1p5/1qjPNXlPzIY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 03:42:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 277 B IP 93.184.220.29:0
Hash 569128e63f3f8d089a8dcbae8ca45ab5
121e8903cd53c35f33535a8dd166d3c5b4f42d1c
8e1b02a0191347fdc4ae708d68329ea6de4e1dd3cd35b01228771f86fe96485e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=85669
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 03:42:42 GMT
Etag: "63d34557-115"
Expires: Sun, 29 Jan 2023 03:30:31 GMT
Last-Modified: Fri, 27 Jan 2023 03:30:31 GMT
Server: nginx
Content-Length: 277
m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa6se9f&sub2=34496&sub3=21&sub4=s8hnpa6se9c&sub5=38577&sub6=156696&sub7=frd&sub8=
172.67.165.172 302 Found 0 B URL HTTP/2 m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa6se9f&sub2=34496&sub3=21&sub4=s8hnpa6se9c&sub5=38577&sub6=156696&sub7=frd&sub8=
IP 172.67.165.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=34496&offer_id=5246&sub1=s8hnpa6se9f&sub2=34496&sub3=21&sub4=s8hnpa6se9c&sub5=38577&sub6=156696&sub7=frd&sub8= HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 28 Jan 2023 03:42:42 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d499b22681870001c03d54&s4=34496
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63d499b22681870001c03d54; expires=Sun, 28 Jan 2024 03:42:42 GMT; secure; SameSite=None
afoffers={"5246":1674877362}; expires=Sun, 28 Jan 2024 03:42:42 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOdsgufBix8bveyPO8bOYdWetIlYDLvL2rYlXv3ltU3qIj1iyGv3ebqvZp%2FYn51llpvM6YzP9%2BmQlZ5zKmSdwA8ID5ZhMAJ%2Bl8VpRE%2Bab7mxknW2rcQ6I8K%2FlY9RaXi9xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b838dbedb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 277 B IP 93.184.220.29:0
Hash 569128e63f3f8d089a8dcbae8ca45ab5
121e8903cd53c35f33535a8dd166d3c5b4f42d1c
8e1b02a0191347fdc4ae708d68329ea6de4e1dd3cd35b01228771f86fe96485e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=85669
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 03:42:42 GMT
Etag: "63d34557-115"
Expires: Sun, 29 Jan 2023 03:30:31 GMT
Last-Modified: Fri, 27 Jan 2023 03:30:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 277
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash d750291e566dbd366e71d92b2672f3e8
d2f730916fc740ba9cb9bd8e8703cd534fc500c9
73caf27fbe2a8162777721c8e727a06d14819fee5e7ac3bb98d14c418c17573f
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 03:42:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 01 Feb 2023 02:38:54 GMT
ETag: "d2f730916fc740ba9cb9bd8e8703cd534fc500c9"
Last-Modified: Sat, 28 Jan 2023 02:38:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906b83a2972b503-OSL
meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d499b22681870001c03d54&s4=34496
52.19.202.187 302 Found 270 B URL HTTP/1.1 meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d499b22681870001c03d54&s4=34496
IP 52.19.202.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1e02faeee555a4f214a210e7f08cb55f
7c9298f91c3a6dc6986ddef5387755f3c4230576
d1d48b038eed8d1c9c66083f5f1d3159c499e7178664cfc5c6a534d7258d5211
GET /?a=16295&c=43694&p=r&s1=&s2=a_63d499b22681870001c03d54&s4=34496 HTTP/1.1
Host: meshho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 270
Content-Type: text/html; charset=utf-8
Date: Sat, 28 Jan 2023 03:42:42 GMT
Location: https://toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d499b22681870001c03d54&s4=34496&ckmguid=8160e011-13a9-44b8-8716-53d922ebf2ea
Connection: close
ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash 736c5ca9f4b42b4a62bd7a4714d80484
300dfa2835cb960bd01cfa6dd656e2ffbf21587a
5ebe84b86df9b71c845137eef6ad8ced1bf66487f964fbeacfea68ad5b5f1d7e
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 03:42:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Wed, 01 Feb 2023 03:42:42 GMT
ETag: "300dfa2835cb960bd01cfa6dd656e2ffbf21587a"
Last-Modified: Sat, 28 Jan 2023 03:42:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906b83daa60b521-OSL
toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d499b22681870001c03d54&s4=34496&ckmguid=8160e011-13a9-44b8-8716-53d922ebf2ea
52.51.210.211 302 Found 234 B URL HTTP/1.1 toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d499b22681870001c03d54&s4=34496&ckmguid=8160e011-13a9-44b8-8716-53d922ebf2ea
IP 52.51.210.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d5dac776853d6b2dc65cf9f20ceccace
dee14a57209521301d58461532520bcd9d7cca51
72a028b1c9df9f2b8ef54e8b11ee984f5a8a9d1f9ef46fca2f066cb70d65d854
GET /?a=16295&c=43694&p=r&s1=&s2=a_63d499b22681870001c03d54&s4=34496&ckmguid=8160e011-13a9-44b8-8716-53d922ebf2ea HTTP/1.1
Host: toomoffr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Sat, 28 Jan 2023 03:42:43 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742605584&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=4Ta3erHbrnKFr0MZKohWUzxBLxeGksKt/cVQX/siY8moIZfR+RBjDA==; domain=.toomoffr.com; path=/; HttpOnly
trk=LZKLyh3p1r1xxRNUycnDyTxBLxeGksKt/cVQX/siY8moIZfR+RBjDA==; domain=.toomoffr.com; expires=Tue, 28-Jan-2025 03:42:43 GMT; path=/; HttpOnly
c36197=4Ta3erHbrnIpF9ORTjDJwhWgktPqkDCjRxlRamAQtG1eCUghiDE1Zg==; domain=.toomoffr.com; expires=Mon, 27-Feb-2023 03:42:43 GMT; path=/; HttpOnly
Connection: close
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742605584&source=16295&sum=
18.193.146.82 302 Found 0 B URL HTTP/2 bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742605584&source=16295&sum=
IP 18.193.146.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742605584&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 28 Jan 2023 03:42:43 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/ES11/n.php?cep=A7hhIoXxRzBFdo90r5tR7ltiA9PZHCF3EPGzKj6t-Mvq3mFWJJ89-N4rWq0EPGF1gfABbEf8S9h_TRb9KLQ76ypc7Z7SCPBNBHsZx8I2xxN7mdSY9D3WIcQlfcP3nI_xE820CtKpTOSHILFBJ1VHSacU8Vinipf616QIrlfFNBQqPIl7j7f14OPzbkCM7nbiujfYPw8rfRzBuEhd6nLkBfIdakUKUhb2RJZt67C444sQRYXqCxSn66LGR45jhPVCrutFIBds7v1zanbMI6cembEEmV_DVclYcRsJW734vlPDBrjO_ncLKDBHBPpfTzHVilG_I7QUQGFiOPmb65LSfZjxhbTuoSIBrvrLUyDRToZ-ifq8ZhJHeLKbxQwm-QtdCr8T0axDONZiyASB6J8_u2UZO6Rj7aqY9jfIpF55Y38&lptoken=16bd743f87c5914f636d&external_id=36197-742605584&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=wNgBiY3oDFlBRDgnfdLvEWWPiOqcuaasnsMvCtX7_5A; Max-Age=86400; Expires=Sun, 29-Jan-2023 03:42:43 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=2bhTlVlJYYAVBB_n9Q2spUkcUvdLc7G3-rdM6sbNPfdZ9YzaSMnIxSMV21YTgW0CJDa3jpPxONELzSoESA0_8IN5g40w9a8VVb2S0uONm5YltMGcQhIAp1SzJrLETciwHsUyImLaqL7_OmXIKXUOd7QpJIPwTFnLpxJOOl0ugQw_bGolZGnWWob0SNrmOqcxphoNiEaYXdUJXX7cRKbDlXiqnaMGmedPNTDMmNTaCVdpgQfn0hPGK8IQ6AYi-sf5gn52OmvMyjuL_NufKSmw140lXkMlCQj9YqruZ1hvhPz9IW26LSqAm_n3PzR0v3Z_8N54ZeKCbpuCBQ5zp0Um12kcYveaZTMDFss3_W_vxmCLySJwiUqEzDSK3fmOP0taCzRk39rluE9p736-9H_zTG5irqlr9_xWsxt0VnK5jqs; Max-Age=86400; Expires=Sun, 29-Jan-2023 03:42:43 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/QsXoNUJjkNc
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QsXoNUJjkNc
IP 142.250.74.131:0
Hash 33ead3061658172ebe03b4aac89e53fa
ce23c0798409f83dd8ad86dfe5bec832eb25ea66
744650eb4b0f706362e2b0cff52582ccb7d21d3244e21fe59eb342d5f435b9f3
POST /s/gts1p5/QsXoNUJjkNc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 03:42:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mycasualhookups.com/sl/html/ES11/images/01.jpg
172.67.71.67 200 OK 59 kB URL HTTP/2 mycasualhookups.com/sl/html/ES11/images/01.jpg
IP 172.67.71.67:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x600, components 3\012- data
Hash 51df31f09df7b6f59095d090ee85ef8b
f907f6d8368c98a4c93ac30fa07baf896463f0e8
4098ee580cbb67c6b532037b0cabd518805f634c38afab3ea10ed3ed11661ada
GET /sl/html/ES11/images/01.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: image/jpeg
content-length: 58814
cache-control: max-age=86400
cf-bgj: h2pri
expires: Sat, 28 Jan 2023 17:21:31 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 37273
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fleAdmBSIQqbqZi3Vu1bkiXnSKP%2FSJMjXeEQXuWHOdSfwQQq%2FGhEJWbMvWdqdNQFi0AEzMygosoToqPKE8Xo%2ByMnyb3voyqxpFv8ppZFSzL14A7nd%2FIhjglX0gtmvTIzzG4fE9Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7906b846ae01b518-OSL
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/ES11/css/style.css
172.67.71.67 200 OK 2.0 kB URL HTTP/2 mycasualhookups.com/sl/html/ES11/css/style.css
IP 172.67.71.67:0
File type ASCII text, with very long lines (6417), with no line terminators
Hash ab226e515686ee70dfcdcdf1558ccc69
9b08a87a67d282ef38e833f9b513d1e61bfc79f2
c687e57470878dce387ecdd71807603fe940dd33a1c95a7a5b79873fb51de18f
GET /sl/html/ES11/css/style.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=8344
expires: Sun, 29 Jan 2023 02:10:27 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzSDfJuVzV6ZNKOKd9yrITCnjP6KyVSXuTSIJ7Nqh5Y9AoOyOKG3Ckd%2F7TuCNIWc044eOVyirqKIOMJUVYbKudslFZPaTc%2F23XpjJqeO%2B6cAi1%2Fb1%2BGFW6zGRvX7rgXXCbgKCDw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b8469df5b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/ES11/js/modernizr.custom.js
172.67.71.67 200 OK 3.6 kB URL HTTP/2 mycasualhookups.com/sl/html/ES11/js/modernizr.custom.js
IP 172.67.71.67:0
File type HTML document, ASCII text, with very long lines (8200), with no line terminators
Hash 090e577489344bad8dad18a080c11da8
417b273a6dfc8636ea4ee53368e58e0f06d18be1
341208d69399a5ddb59cd6c129d1f764151c87f63120244815f0936deb1d6e2d
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/ES11/js/modernizr.custom.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=8371
expires: Sun, 29 Jan 2023 02:10:27 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yY34hwoR299IZrB1tS5rtEQaNl2qjlQxCVL1Ngql%2FVeUic2%2BHkcB5Kc3KDgwEYQPoogzF%2BNPJoJKo%2BjZ%2BwnLwDhvj4kkKDlJvAKVhF3FnYkJIb6j4x8%2B1gVpdLJeEslY2Hrfh1s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b846ae00b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/ES11/js/config.js
172.67.71.67 200 OK 169 kB URL HTTP/2 mycasualhookups.com/sl/html/ES11/js/config.js
IP 172.67.71.67:0
File type ASCII text, with very long lines (332)
Size 169 kB (169148 bytes)
Hash 53cfdb46df6a1e3e39a37b8ce782d35e
43e8f0bb98085219ff62f0320599240cb000eebf
164cb85f7d68ec5225ecdca6b23715685025adeb5c52343864e1c32e3faf364d
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/ES11/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Sun, 29 Jan 2023 02:10:27 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:27:45 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAL3dS8bL2oM0c1Jmbey2wdoOwFMkiGikCq%2F%2BSyl81iWe44TJ0iZgIl%2B8CBP%2BqeO0QwwAgeoTtlHbmrLO28coTPxlKGt%2Bf7ygo6u03ugBi0AaqKPdvwyIei1GPYuA9fILMqychk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b8469dfdb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
172.67.71.67 200 OK 32 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
IP 172.67.71.67:0
File type ASCII text, with very long lines (65451)
Hash a4bb78c44821125ee3b1aa756ba43a3f
04160e90fbcfc13ddedc8d463486bba8b767df66
38117e51f456c63cc3ce143a2a55fa14f26137a01c57bb61bcb402526ad6dfcb
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 28 Jan 2023 06:02:42 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 78002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyFiL9AOGryHePGC5sa2C2OdJtlZy%2BYnEQ3MTfPjH%2BDEioG4g4i7oP57rOE8iXtfX%2B2qfbEGQkkERwadXn5GzGTtVsWvGu9QwGTNgwnvLLFb6tEbaKg0ADHBbhNlOlm3foEga%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b8469df7b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.api-push.com/get-keys
172.64.163.28 200 OK 922 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.163.28:0
File type JSON data\012- , ASCII text, with very long lines (2116), with no line terminators
Hash 25dcef5f446a54ee773d834fb490d0d3
21d62d727d8cd5ce1fd78d13d5f21a27f7ff3f40
28093394b3d4d3d446532c7e2851f3b9d14d714ec1a49a08bf46be7b4023a7de
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/ES11/n.php?cep=A7hhIoXxRzBFdo90r5tR7ltiA9PZHCF3EPGzKj6t-Mvq3mFWJJ89-N4rWq0EPGF1gfABbEf8S9h_TRb9KLQ76ypc7Z7SCPBNBHsZx8I2xxN7mdSY9D3WIcQlfcP3nI_xE820CtKpTOSHILFBJ1VHSacU8Vinipf616QIrlfFNBQqPIl7j7f14OPzbkCM7nbiujfYPw8rfRzBuEhd6nLkBfIdakUKUhb2RJZt67C444sQRYXqCxSn66LGR45jhPVCrutFIBds7v1zanbMI6cembEEmV_DVclYcRsJW734vlPDBrjO_ncLKDBHBPpfTzHVilG_I7QUQGFiOPmb65LSfZjxhbTuoSIBrvrLUyDRToZ-ifq8ZhJHeLKbxQwm-QtdCr8T0axDONZiyASB6J8_u2UZO6Rj7aqY9jfIpF55Y38&lptoken=16bd743f87c5914f636d&external_id=36197-742605584&source=16295&sum=#p#
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Hfcs75pp23zmwwxaLEnTo8DzDM%2Ft8lxqzkSrBOI8o8VHrkWEyGwz5sK70xQnkcYSXGqJsqs646JIcdab2p5wPEppk5yPzp%2FmoJZIyVj0ai%2BOty0lCucaEpKsQi0S5j%2B0nR0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b848495876c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/favicon.ico
172.67.71.67 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/favicon.ico
IP 172.67.71.67:0
GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 10522842
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0t6AMHtTg6PnHcjd7ZafIuKEwk0Zlyf8PQpRHA%2B3hNIctnJppBYfPsBVLOx4Co3ouSQRyN8c3WiWv1LUjgxjWlEO3d3hLVcN7Xdd27QSe%2FI%2FB0%2FYL2pd2TLm1Rav08Abd%2BYN1X8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7906b84aafaeb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/privacy-policy.html
172.67.71.67 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/privacy-policy.html
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/privacy-policy.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Sat, 28 Jan 2023 03:47:44 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FuoZh0bfVBPpysRyi87PuvVyqJ%2B%2FCtte%2BA4Z%2B8mpI4k4E6B9l2BTvHCFVVWVMqsxdMtg47yZo2laa%2Fv%2FFVdXvA2EeZwxgLDIRgExH92PONZNXQmt4fJwAIRZjCaqnQnNb8HQMY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b84a0f5ab518-OSL
content-encoding: br
X-Firefox-Spdy: h2
winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wg54qcp9e3h9db7m2fht7q2o
172.67.198.234 302 Found 0 B URL HTTP/2 winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wg54qcp9e3h9db7m2fht7q2o
IP 172.67.198.234:0
GET /Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wg54qcp9e3h9db7m2fht7q2o HTTP/1.1
Host: winandlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 28 Jan 2023 03:42:41 GMT
content-type: text/html; charset=UTF-8
location: https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa6se9c&sub1=38577&sub2=156696&sub3=frd
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa6se9c;Expires=Tuesday, 28-Feb-2023 03:42:41 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQwODI5NFwiOjE2NzQ4NzczNjEsXCIzMFwiOjE2NzQ4NzczNjF9LFwiY2FtcGFpZ25zXCI6e1wiMTU2Njk2XCI6MTY3NDg3NzM2MSxcIjFcIjoxNjc0ODc3MzYxfSxcInRpbWVcIjoxNjc0ODc3MzYxfSJ9.H7q_kBGzrRpzEHWQIFrobcSmCixGnclYrMHS9PLZfVk;Expires=Tuesday, 25-Feb-2076 07:25:22 GMT;Max-Age=1674963761;Path=/
_token=uuid_s8hnpa6se9c_s8hnpa6se9c63d499b1848478.64719298;Expires=Tuesday, 28-Feb-2023 03:42:41 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BMxQytggsM4cN%2Fx2V5enNsXPDh1iA3apnHfZkg5InxoBmwSAK%2FjDx4xbXxvE%2B8CuNFm7Exu1uuSNeNb3usP4vn1JBPlFHnoZ%2FvKo1oAUGxiKVEOPlIz3mcsQLdSKlgCIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b834f81a1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa6se9c&sub1=38577&sub2=156696&sub3=frd
104.21.81.229 302 Found 0 B URL HTTP/2 hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa6se9c&sub1=38577&sub2=156696&sub3=frd
IP 104.21.81.229:0
GET /btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa6se9c&sub1=38577&sub2=156696&sub3=frd HTTP/1.1
Host: hotloveland.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 28 Jan 2023 03:42:41 GMT
content-type: text/html; charset=UTF-8
location: https://m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa6se9f&sub2=34496&sub3=21&sub4=s8hnpa6se9c&sub5=38577&sub6=156696&sub7=frd&sub8=
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa6se9f;Expires=Tuesday, 28-Feb-2023 03:42:41 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2NzQ4NzczNjF9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjc0ODc3MzYxfSxcInRpbWVcIjoxNjc0ODc3MzYxfSJ9.m11SJoyV5PNCWOBT70SAXu9XPOnOkAzYOcxbYeHeQNU;Expires=Tuesday, 25-Feb-2076 07:25:22 GMT;Max-Age=1674963761;Path=/
_token=uuid_s8hnpa6se9f_s8hnpa6se9f63d499b1df6d69.22590341;Expires=Tuesday, 28-Feb-2023 03:42:41 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtPDFBREr9SdHh5elH%2Bp7qv2Vsq2kQPP5qk%2BwfIxwOz1aNTe7TmeK6uYTPUR%2FdAGfAeJE7vU1qol0%2F3zScFQ%2Bmq%2BZlzX%2Fb7Xf%2F9jSO9xzLbLAdZ2I53HBEy0nlNo%2B6O9GC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b8377f0e1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
172.67.71.67 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 28 Jan 2023 06:02:42 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 78002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qp8UVW72tNOq7%2Bajzhc8R%2BowlaTq71k4ikkfXbv8OxThWKyGFbYihUeDPYAXEj2ZbB3I7rDRnp7pMrKgnI4gmN7LwHo07tewN%2FsrTDA6eXIQcYO5nRELQDvTHywlxerYIfBBVic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b8469dfab518-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/common-langs.js
172.67.71.67 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/common-langs.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Sat, 28 Jan 2023 06:02:43 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 78001
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6Q4Yb9Dtd1VIa8FNidJOAqZNbyvnG0QQpgUcM8kMByjszfICnXrUg5ryBDA9g894VAxao4LcegUi0OFoxYKEj77bwefQV8nQGwIgnHpRKCQse9z%2FYcZZ8xsSAsnJIk35BpgF2o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b8469dfeb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/ES11/js/langs.js
172.67.71.67 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/ES11/js/langs.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/ES11/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=68596
expires: Sun, 29 Jan 2023 02:10:27 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDFU05VuEl%2BqwrFm19JXFprvhSfJhf4SZ%2FlEUfi811w60769KDvw%2B8ttbnOt5PZQ%2BBSdTbDYTPqdkWCmTMjnRBwtKzu6MUjCtHOYLa1Cmn5%2BKWUoJ2A3Q2p8TiAwim%2BBtSJ1XcE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b8469dfbb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/css/style.css?1674877364
172.67.71.67 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/css/style.css?1674877364
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/css/style.css?1674877364 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 29 Jan 2023 03:42:44 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jna9CG%2FzkM1FbNhtoQsiJ%2BTJ6Y472pk8uw%2FwUoABm56%2Bc4T2M7U5VhMfdFCnDFrvF1IjLBf1hHMx53mxHnVmWnHZJQ1KgxNYTbjtT7FM5XPtx5zEN3rON1GoPVzHQGGCHCT7XRc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b8469df6b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/main.js?1674877364
172.67.71.67 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/main.js?1674877364
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/main.js?1674877364 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 29 Jan 2023 03:42:44 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jtj6vu%2BGDoxBQatcLhyXLdQ%2FH84bQgSkzKLTKLmvEKLNxIpP9ZtaNHl70gQneYWUzmBvuLq9P0Zr9eeTCG2VP4X7pXu1YZHPvFd1ptJ8jKcbDR0gYysSDTJY4PUBrWYiuTZiFAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b8469dffb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
alia-iso.com/zcredirect?visitid=d0035405-9ebd-11ed-adc8-0a9bf28f7da7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
54.237.193.255 200 OK 0 B URL HTTP/2 alia-iso.com/zcredirect?visitid=d0035405-9ebd-11ed-adc8-0a9bf28f7da7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 54.237.193.255:0
GET /zcredirect?visitid=d0035405-9ebd-11ed-adc8-0a9bf28f7da7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcvisitor/d0035405-9ebd-11ed-adc8-0a9bf28f7da7/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:41 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: UbVBTvTF
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
172.67.71.67 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 28 Jan 2023 06:02:42 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 78002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdnM%2Ffq%2BIGlPLL3gef6BSdYhF5xdkb%2BxfuiN%2BGPvoONdNZ%2BS%2F72%2B8%2FdV5lZ92Hsx1Fbiq%2BPonZZjrKmxloMsXVnavZpZ9wIDIRhxYV8KPgaTU5nFqYSJRvWgkxWZCq6eZMWnI%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b8469df8b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/ES11/n.php?cep=A7hhIoXxRzBFdo90r5tR7ltiA9PZHCF3EPGzKj6t-Mvq3mFWJJ89-N4rWq0EPGF1gfABbEf8S9h_TRb9KLQ76ypc7Z7SCPBNBHsZx8I2xxN7mdSY9D3WIcQlfcP3nI_xE820CtKpTOSHILFBJ1VHSacU8Vinipf616QIrlfFNBQqPIl7j7f14OPzbkCM7nbiujfYPw8rfRzBuEhd6nLkBfIdakUKUhb2RJZt67C444sQRYXqCxSn66LGR45jhPVCrutFIBds7v1zanbMI6cembEEmV_DVclYcRsJW734vlPDBrjO_ncLKDBHBPpfTzHVilG_I7QUQGFiOPmb65LSfZjxhbTuoSIBrvrLUyDRToZ-ifq8ZhJHeLKbxQwm-QtdCr8T0axDONZiyASB6J8_u2UZO6Rj7aqY9jfIpF55Y38&lptoken=16bd743f87c5914f636d&external_id=36197-742605584&source=16295&sum=
172.67.71.67 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/ES11/n.php?cep=A7hhIoXxRzBFdo90r5tR7ltiA9PZHCF3EPGzKj6t-Mvq3mFWJJ89-N4rWq0EPGF1gfABbEf8S9h_TRb9KLQ76ypc7Z7SCPBNBHsZx8I2xxN7mdSY9D3WIcQlfcP3nI_xE820CtKpTOSHILFBJ1VHSacU8Vinipf616QIrlfFNBQqPIl7j7f14OPzbkCM7nbiujfYPw8rfRzBuEhd6nLkBfIdakUKUhb2RJZt67C444sQRYXqCxSn66LGR45jhPVCrutFIBds7v1zanbMI6cembEEmV_DVclYcRsJW734vlPDBrjO_ncLKDBHBPpfTzHVilG_I7QUQGFiOPmb65LSfZjxhbTuoSIBrvrLUyDRToZ-ifq8ZhJHeLKbxQwm-QtdCr8T0axDONZiyASB6J8_u2UZO6Rj7aqY9jfIpF55Y38&lptoken=16bd743f87c5914f636d&external_id=36197-742605584&source=16295&sum=
IP 172.67.71.67:0
GET /sl/html/ES11/n.php?cep=A7hhIoXxRzBFdo90r5tR7ltiA9PZHCF3EPGzKj6t-Mvq3mFWJJ89-N4rWq0EPGF1gfABbEf8S9h_TRb9KLQ76ypc7Z7SCPBNBHsZx8I2xxN7mdSY9D3WIcQlfcP3nI_xE820CtKpTOSHILFBJ1VHSacU8Vinipf616QIrlfFNBQqPIl7j7f14OPzbkCM7nbiujfYPw8rfRzBuEhd6nLkBfIdakUKUhb2RJZt67C444sQRYXqCxSn66LGR45jhPVCrutFIBds7v1zanbMI6cembEEmV_DVclYcRsJW734vlPDBrjO_ncLKDBHBPpfTzHVilG_I7QUQGFiOPmb65LSfZjxhbTuoSIBrvrLUyDRToZ-ifq8ZhJHeLKbxQwm-QtdCr8T0axDONZiyASB6J8_u2UZO6Rj7aqY9jfIpF55Y38&lptoken=16bd743f87c5914f636d&external_id=36197-742605584&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Sat, 28 Jan 2023 03:47:44 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5IdQrdZJSwsRoKjvaOTWqXaD7cRc4DPCGCL%2B3EipLIWAb9QoqH4hNDrdJ0GMvcNYcAlOo%2BJl46RWccONSRkbixkXeVJf9rZni074N%2B8MvMLQ00V%2BczoVJslEMVyHtrn3po7l7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b842ec76b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-dt.fcdn.info/swpush.min.js
104.21.234.86 200 OK 0 B URL HTTP/2 cdn-dt.fcdn.info/swpush.min.js
IP 104.21.234.86:0
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:44 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 136337
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VT5EFKKX33MVPlRry7Db5bzuCxc9t7yM52cbnZsfClr8XONd9U9mrrtVsMZzdlg7PyWKgedcyCuSAUzzuOTIAnBUQlx2Ha%2FVklqb7KLbz8rDOW1oihbYrEiRbZElABBpsLre"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7906b8470fc876ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjam.com/cdn/sdialog.min.css?_=4
188.114.96.1 200 OK 0 B URL HTTP/2 cdnjam.com/cdn/sdialog.min.css?_=4
IP 188.114.96.1:0
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:42:46 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51R1CsFFwYdVqRh1au%2BHRtO1mzn%2F4Lil54%2BcTv2VqGy6QnMSePSIgB5MZEisL%2BXHbwXOfADhCO1t6orOgazPQQs3aHB15LrF2gLpFwAVuDMviS24Qkn%2FA81yeKnl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906b851aba70b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2