Report - ww11.jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign

Report Overview

Submitted URL
ww11.jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign
IP
93.115.28.104
ASN
#16125 UAB Cherry Servers
Submitted
2022-10-16 01:28:11
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ponti-pzk.com	unknown	2022-10-15T15:37:28Z	2023-02-02T06:20:48Z	1.5 kB	4.2 kB	34.239.209.41
cartining-specute.com	unknown	2021-02-01T00:37:43Z	2023-03-09T06:13:03Z	732 B	666 B	18.197.36.77
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-09T05:11:44Z	392 B	31 kB	69.16.175.10
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	987 B	2.0 kB	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	54.70.239.215
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.115
fourth-4-cdn.com	173683	2021-11-19T10:44:19Z	2023-03-09T12:05:05Z	5.5 kB	211 kB	23.88.123.143
example.org	2333	2012-08-07T19:20:46Z	2023-03-09T05:10:07Z	403 B	1.6 kB	93.184.216.34
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	388 B	4.3 kB	216.58.211.10
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	54 kB	34.120.237.76
flirtyhoookup.com	unknown	2020-03-26T12:26:33Z	2023-01-09T22:28:42Z	545 B	1.3 kB	172.67.201.85
ww11.jiggasha.com	unknown	2018-11-04T06:49:24Z	2023-03-07T18:35:17Z	1.7 kB	1.6 kB	93.115.28.104
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	1.6 kB	4.4 kB	23.36.76.226
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	1.3 kB	2.8 kB	142.250.74.3
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	493 B	46 kB	172.217.21.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-16	medium	ww11.jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	ww11.jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign	428 B	2023-03-10	2023-03-10
Pretty URL ww11.jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign IP 93.115.28.104 ASN #16125 UAB Cherry Servers Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:11:46 Last Seen2023-03-10 10:11:46 Times Seen1 Hash c2c60559212366f48c72b90560a0e8bb c4b239fd0bb05666380879c9a207ef4d783e008f 1853683eb75294826c47e258c1bd3a80714765ee501dc400aa6de2ef9028e986 Loading...

	ponti-pzk.com/zcvisitor/c5bd9a00-4cf1-11ed-8e1a-123317c68497/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=692c4080-2de2-11ed-8859-0a918cbcbb97	747 B	2023-03-10	2023-03-10
Pretty URL ponti-pzk.com/zcvisitor/c5bd9a00-4cf1-11ed-8e1a-123317c68497/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=692c4080-2de2-11ed-8859-0a918cbcbb97 IP 34.239.209.41 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:11:46 Last Seen2023-03-10 10:11:46 Times Seen1 Hash 40598a624014448b25d1db6818115662 396ff1c2d56a8c2ea6434c0a81e95903d164196c c194372212250b4e868bd3736cadb46066fd4f384d9d05c31ba79c625a34bb94 Loading...

	ponti-pzk.com/zcredirect?visitid=c5bd9a00-4cf1-11ed-8e1a-123317c68497&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false	331 B	2023-03-10	2023-03-10
Pretty URL ponti-pzk.com/zcredirect?visitid=c5bd9a00-4cf1-11ed-8e1a-123317c68497&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false IP 34.239.209.41 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:11:46 Last Seen2023-03-10 10:11:46 Times Seen1 Hash 55ac238736ee2dd16ff0fd7d0be102c3 6ce820fe6bd52c8ee9bb9fb3dec9337c155ec375 ed1b8cb5f999af89bad3e99f7082e8cca529b3128c10b67b3571df847d63f52b Loading...

	code.jquery.com/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.3.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 12:36:55 Times Seen106346 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	flirtyhoookup.com/?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6m90gdul0soi9pjilmmi7h0	237 B	2023-03-10	2023-03-10
Pretty URL flirtyhoookup.com/?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6m90gdul0soi9pjilmmi7h0 IP 172.67.201.85 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:11:46 Last Seen2023-03-10 10:11:46 Times Seen1 Hash 987ce3911cce3215af7f50050cda1846 213b834d7a528f81dd378c6f4c82f9409cf21be5 5d93a6dbf62da803e07eca21e69a03d95b60c9913a48148265291aad90a0d045 Loading...

	fourth-4-cdn.com/assets/f.js	1.7 kB	2023-03-07	2023-10-31
Pretty URL fourth-4-cdn.com/assets/f.js IP 23.88.123.143 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen621 Hash a24a01d7c840115d8957289ec65da34f efca55f9df9a38ecad17c36a9108cab6017b5cfd 4e683e575ca035ef147ae2b8984c2dcf1b885abc8f2e966db2e8c25b86cbb9e9 Loading...

	flirtyhoookup.com/?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6m90gdul0soi9pjilmmi7h0	267 B	2023-03-07	2024-04-07
Pretty URL flirtyhoookup.com/?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6m90gdul0soi9pjilmmi7h0 IP 172.67.201.85 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:02 Last Seen2024-04-07 20:29:26 Times Seen374 Hash 545da90c867e86098699e32832d4ba9c 0617b031838bd7c5298c546b35f1c2c9f2bcb1b5 d88b52914e793ce80fdff0060b4f8fac4ffe09f961b18ef7cbdb1086b9a479e5 Loading...

	flirtyhoookup.com/?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6m90gdul0soi9pjilmmi7h0	8.7 kB	2023-03-07	2023-03-17
Pretty URL flirtyhoookup.com/?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6m90gdul0soi9pjilmmi7h0 IP 172.67.201.85 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:20:51 Last Seen2023-03-17 12:47:18 Times Seen1 Hash 460d69364249807e267eeceeda30a187 c42b3ca8ac4eae46dddff05f4080f4abb7b379a2 788d217f3075cd8f14309b167827386b4b1a1a836d81a864a1ca725f1214fd80 Loading...

	flirtyhoookup.com/p.js?a=418543&cr=48107&lid=19950&mh=TWpVZHNHS3B0UGtvdXJFVnVnbGFlWHlhQmJvck9DUVJQQ3haLTE2MzU2&mmid=519&p=0&rf=&rn=C3CUmdq0lMeUmdaZl25V&t=notrack	0 B	2023-03-07	2024-04-26
Pretty URL flirtyhoookup.com/p.js?a=418543&cr=48107&lid=19950&mh=TWpVZHNHS3B0UGtvdXJFVnVnbGFlWHlhQmJvck9DUVJQQ3haLTE2MzU2&mmid=519&p=0&rf=&rn=C3CUmdq0lMeUmdaZl25V&t=notrack IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 12:41:12 Times Seen37091510 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2d2e18b27b534a54ae1f01421caccee7	24 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash 2d2e18b27b534a54ae1f01421caccee7 051dc4e800f7474aa2992cd459ebe917086245a8 2daeb3ad53fdaffdb2055a20bab28c77ea1cc1111862db83ac5e074d63a3e381 Loading...

	#2 Eval - 136c205e0fcceb2b9d317bf3b2fe5212	73 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash 136c205e0fcceb2b9d317bf3b2fe5212 2fc3b8b8bed2e7092a1cc7394441d96ab73377c1 4339a0c1f2bef4619c2d2f4f3c90d08e012bcf418288c88da1ac89faccf36ec9 Loading...

	#3 Eval - b11f88985a335e9bdcc0c7eeaa6648c9	25 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash b11f88985a335e9bdcc0c7eeaa6648c9 7e35d81cbfb118763c7188a048ef625d1322b2ab c0fee6b934b08df7fd5858201cc0c4127a85dc7d0c8fd8eb83d58cfcc1cac18a Loading...

	#4 Eval - 035ce6a4e41ed43dc7975db08a853786	67 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash 035ce6a4e41ed43dc7975db08a853786 922ebd78ad50c418b19aa21bc25a5796f96f7840 361a831d09ef76b907d6a416524915baec50c238905852e548fe0f2221a4620a Loading...

	#5 Eval - 39f66d094425a187ca0219efd1023cc9	142 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash 39f66d094425a187ca0219efd1023cc9 866a5849a522dc3b29ca4b921b1afdae6cb746be 7c22b44f3ca365ec28b11ce4432231eea6de7569658bded3ac6c7b8644c51fd2 Loading...

	#6 Eval - 331169286f9999918c4a5dcaeb7e11a6	92 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash 331169286f9999918c4a5dcaeb7e11a6 c971bded19e8bb062c43c212b14660a3ccb2b07f acb4db590b2797dcc50197ea1bad6bdfa76883bff09fd8ea23f0f21ae1fa0b60 Loading...

	#7 Eval - d7f9f551281c283a0c8ecdc22ccccc26	51 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash d7f9f551281c283a0c8ecdc22ccccc26 960c95d3c6ae5091b9ea38bfeae93a511361a170 3906813149363f1ecb7fe2c95126d12999e7ddd966cfb00a50e446ea4423818a Loading...

	#8 Eval - e32ea645145fac83f4de1b47ff2a6d87	36 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash e32ea645145fac83f4de1b47ff2a6d87 da42bb18a15c753cadea6c6589b133a363f79137 01c41e932bc9a6e9718861f97ad6fdb35bd4f2b699d11c479abb9788c1d52958 Loading...

	#9 Eval - d554ac78aba7d227f20712dc0c274df0	37 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash d554ac78aba7d227f20712dc0c274df0 751a686c43fbe5b21f7a9427e1ad7cff97a2aefc 2d6f98223aee606d4b6ff2b57a1c847225406aa1380becd205bb685b3adf5871 Loading...

	#10 Eval - a850fe1eb0542ada96adcbabbbfc02c6	28 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash a850fe1eb0542ada96adcbabbbfc02c6 49f8702f4f1d0e791da84a5cb67b6d81999bb353 a4f48a08d01416c2784a28ba62c656e9e732761d75534f41f69892d61280fc6a Loading...

	#11 Eval - 0f125b86a1e89e966e13b42ab42efdb7	158 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash 0f125b86a1e89e966e13b42ab42efdb7 6d24eeaf8ccfc3965e9e5f04fbf0fa9ec159e424 5fd2b7ac06f14aa445293ae600a6650f7a44e5f0b1e100e2b864221aee71fd26 Loading...

	#12 Eval - 4f0a1a87226ecdd35d0a017c04b462f9	38 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash 4f0a1a87226ecdd35d0a017c04b462f9 4af7433c382b11a86845102de606dee7ee376c84 fe43b3c21a3b344dc633abee619610ebdbb8f1467c8a3ed3874c7c81f2ef5a86 Loading...

	#13 Eval - bdc221ed285dedd238295fd407d433e9	42 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash bdc221ed285dedd238295fd407d433e9 6f44ea6c80c3756e40deb7c766dca37d76f06845 420ef951a9f49fcb514fde5a2d4bd07a98cf609fba23fcdc2fc660cb2cb10524 Loading...

	#14 Eval - 3bb9e008d3a2239b92ee3b74c0aaa3d2	90 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen545 Hash 3bb9e008d3a2239b92ee3b74c0aaa3d2 52c4f08d77fd5a0dca86f7b7a408166d9407beb7 6c62e1035d91781258fef8d30617f55b5692ba56617087082c68069ddd95b168 Loading...

	#15 Eval - eeef57cc74dc2a3101f022b9802d26fc	44 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen545 Hash eeef57cc74dc2a3101f022b9802d26fc 32d6278eac4421b481acd319c236d8b6d2ce6c4b ef0cec074a1308361ef6b1a50fb53163d7dea6f35bfa7eaaa33d6f5cd853b4ba Loading...

	#16 Eval - 6d72bbb62bb97cfed056dc51904f8154	57 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:20:51 Last Seen2023-03-17 12:47:18 Times Seen1 Hash 6d72bbb62bb97cfed056dc51904f8154 9bccb3a73ad12046a383c84dd8b2ef3895fe9e0b d0a6a34dedec6d449895a2f8ab5a118069126807c15af12c1f0f63c2a0e76877 Loading...

	#17 Eval - 88f36eaa0f311923c0db116bf093330a	37 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash 88f36eaa0f311923c0db116bf093330a a79facb2776d2cd1a1549ed35bbd4cc542e9bcda 92a69774ed25091a7d27f3692984ca2cf78cea3e730543b9d3a867ca3701fc5d Loading...

	#18 Eval - dce26ae5191bbe3a22c0a2a1b20e7e71	33 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen545 Hash dce26ae5191bbe3a22c0a2a1b20e7e71 99fe80c51ce124916e3f453f562460ccc04f3824 f543f9b1beb8bb051d13da0f873ab6801661e63d8b16b88b1af69ff098fb07c6 Loading...

	#19 Eval - 865d60fbd2123a5ca105dc8c39b68bc4	34 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen544 Hash 865d60fbd2123a5ca105dc8c39b68bc4 9a19e72987ca0b94195993eccdead217380422f5 1793bf3a5d4ab2080846499c0d7bf8b754b9a0f515ae7685f09ab7b6f0e743a2 Loading...

	#20 Eval - 353c097c4bc1cb8981c446327f0b6ff2	57 B	2023-03-07	2023-10-31
Pretty Observations First Seen2023-03-07 12:03:02 Last Seen2023-10-31 07:28:58 Times Seen546 Hash 353c097c4bc1cb8981c446327f0b6ff2 7f3ffb28300633b2abaf93476f2ab1b0c0f1f4a7 93afe750f893331c7709e79b3b40b7122d4119cde3263346bdd3ad822216c2d7 Loading...

HTTP Transactions (48)

URL IP Response Size

ww11.jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign

93.115.28.104

200 OK

532 B

URL HTTP/1.1
ww11.jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign
IP
93.115.28.104:0
ASN
#16125 UAB Cherry Servers

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (532), with no line terminators
Size
532 B (532 bytes)
Hash
aca5d2757e25373adb1ccaa7262ce5b2
926ae3672e972e7d71c8e4d2819d5da8eda4b193
667afec94206043366ce1591ee045e1905569138b8aa3c74d14499bc17db19f3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bec/docusignOffice2017/docusignOffice2017/docusign/docusign HTTP/1.1
Host: ww11.jiggasha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 532
content-type: text/html; charset=utf-8
date: Sun, 16 Oct 2022 01:28:00 GMT
server: nginx
set-cookie: sid=c57ef494-4cf1-11ed-9e9a-daa1b0a284ae; path=/; domain=.jiggasha.com; expires=Fri, 03 Nov 2090 04:42:07 GMT; max-age=2147483647; HttpOnly

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2b424d8c01b211c56d5b44b92e4e4153
b1fdab18f23271eee58ae1482f8af25badc2ffda
1c82a5fd2bc3f16a66becb5e1924e8c9edd39386622dc2e5ed296442f4307b2b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C82A5FD2BC3F16A66BECB5E1924E8C9EDD39386622DC2E5ED296442F4307B2B"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5414
Expires: Sun, 16 Oct 2022 02:58:14 GMT
Date: Sun, 16 Oct 2022 01:28:00 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 00:50:20 GMT
Expires: Sun, 16 Oct 2022 01:16:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9G9QTo6cJt1mAft9wbNHTkK8lh2BNPGzkoHmO7kdW36vVeQonNwK6w==
Age: 2260

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18901
Expires: Sun, 16 Oct 2022 06:43:01 GMT
Date: Sun, 16 Oct 2022 01:28:00 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: lr2rbrbONJK5wlOS8LyPFUvN5Ton3oFDW+tbq94/5BdoT/QxTa8AvB8fVChza433RXNsHysRwqI=
x-amz-request-id: 5P6VNK89R90ZEMEQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 01:02:48 GMT
age: 1512
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ww11.jiggasha.com/favicon.ico

93.115.28.104

404 Not Found

9 B

URL HTTP/1.1
ww11.jiggasha.com/favicon.ico
IP
93.115.28.104:0
ASN
#16125 UAB Cherry Servers

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ww11.jiggasha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww11.jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign
Cookie: sid=c57ef494-4cf1-11ed-9e9a-daa1b0a284ae

HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sun, 16 Oct 2022 01:28:00 GMT
server: nginx

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 16 Oct 2022 01:07:43 GMT
Expires: Sun, 16 Oct 2022 02:04:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -rA6o5-RUZPleecdmITX6sVsNmTLg5EHcgrQmo4J5GDNHLbIcM8Aeg==
Age: 1217

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
301aafc13bc66315321d9476df002258
e6bfd29899543fcd4d1b332623757bbad355306f
c64315afdfcf146b16942d981588ed912650472c5e2bba7b6f8dee396d820860

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5256
Cache-Control: max-age=115591
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 01:28:00 GMT
Etag: "634a6a1f-1d7"
Expires: Mon, 17 Oct 2022 09:34:31 GMT
Last-Modified: Sat, 15 Oct 2022 08:06:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ww11.jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NTg5MDg4MCwiaWF0IjoxNjY1ODgzNjgwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2Y2Z29jNzluczZhYWtrdmsxYW42cTYiLCJuYmYiOjE2NjU4ODM2ODAsInRzIjoxNjY1ODgzNjgwMjY0NzgyfQ.kj2UmlftbzNMCRKS1e8lrkIvWxZZgd3I84gccKnCwfM&sid=c57ef494-4cf1-11ed-9e9a-daa1b0a284ae

93.115.28.104

302 Found

11 B

URL HTTP/1.1
ww11.jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NTg5MDg4MCwiaWF0IjoxNjY1ODgzNjgwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2Y2Z29jNzluczZhYWtrdmsxYW42cTYiLCJuYmYiOjE2NjU4ODM2ODAsInRzIjoxNjY1ODgzNjgwMjY0NzgyfQ.kj2UmlftbzNMCRKS1e8lrkIvWxZZgd3I84gccKnCwfM&sid=c57ef494-4cf1-11ed-9e9a-daa1b0a284ae
IP
93.115.28.104:0
ASN
#16125 UAB Cherry Servers

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /bec/docusignOffice2017/docusignOffice2017/docusign/docusign?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NTg5MDg4MCwiaWF0IjoxNjY1ODgzNjgwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2Y2Z29jNzluczZhYWtrdmsxYW42cTYiLCJuYmYiOjE2NjU4ODM2ODAsInRzIjoxNjY1ODgzNjgwMjY0NzgyfQ.kj2UmlftbzNMCRKS1e8lrkIvWxZZgd3I84gccKnCwfM&sid=c57ef494-4cf1-11ed-9e9a-daa1b0a284ae HTTP/1.1
Host: ww11.jiggasha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww11.jiggasha.com/bec/docusignOffice2017/docusignOffice2017/docusign/docusign
Cookie: sid=c57ef494-4cf1-11ed-9e9a-daa1b0a284ae
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 16 Oct 2022 01:28:01 GMT
location: http://ponti-pzk.com/zcvisitor/c5bd9a00-4cf1-11ed-8e1a-123317c68497/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=692c4080-2de2-11ed-8859-0a918cbcbb97
server: nginx
set-cookie: sid=c57ef494-4cf1-11ed-9e9a-daa1b0a284ae; path=/; domain=.jiggasha.com; expires=Fri, 03 Nov 2090 04:42:08 GMT; max-age=2147483647; HttpOnly

push.services.mozilla.com/

54.70.239.215

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.70.239.215:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4mclOLG0YWeDQibAL+vVcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CgX1TKJKfAYYH7HovDz8UcHMryo=

ponti-pzk.com/zcvisitor/c5bd9a00-4cf1-11ed-8e1a-123317c68497/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=692c4080-2de2-11ed-8859-0a918cbcbb97

34.239.209.41

200

996 B

URL HTTP/1.1
ponti-pzk.com/zcvisitor/c5bd9a00-4cf1-11ed-8e1a-123317c68497/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=692c4080-2de2-11ed-8859-0a918cbcbb97
IP
34.239.209.41:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
996 B (996 bytes)
Hash
01bf5fe8c78ee3b5fed1e05c0fbbc796
a911ed3b159e0b240e9e15fb0207692b6448741e
b7eaafe5dc9e2a7db625844d98b0cf6b97fd49d82b06ccc6c34969552d32616f

HTTP Headers

GET /zcvisitor/c5bd9a00-4cf1-11ed-8e1a-123317c68497/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=692c4080-2de2-11ed-8859-0a918cbcbb97 HTTP/1.1
Host: ponti-pzk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww11.jiggasha.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sun, 16 Oct 2022 01:28:01 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: PxvMpmfM

ponti-pzk.com/zcredirect?visitid=c5bd9a00-4cf1-11ed-8e1a-123317c68497&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false

34.239.209.41

200

792 B

URL HTTP/1.1
ponti-pzk.com/zcredirect?visitid=c5bd9a00-4cf1-11ed-8e1a-123317c68497&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP
34.239.209.41:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (353)
Size
792 B (792 bytes)
Hash
aa26ca6a93666b148ef6cf3f6e032e64
48770c023bc8097523a45968434596ae0f863ab6
d5f22c41997d07cbdcde99fc8d4fb769ca8c4c16515097514d55e7771adc035d

HTTP Headers

GET /zcredirect?visitid=c5bd9a00-4cf1-11ed-8e1a-123317c68497&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: ponti-pzk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ponti-pzk.com/zcvisitor/c5bd9a00-4cf1-11ed-8e1a-123317c68497/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=692c4080-2de2-11ed-8859-0a918cbcbb97
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sun, 16 Oct 2022 01:28:01 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: eDIOcHEH

cartining-specute.com/zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3D9WUo4qUVvJUz%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dw6m90gdul0soi9pjilmmi7h0&caid=465d002b-e1fb-45a6-8cd8-e79bdf03438e&zpid=c5bd9a00-4cf1-11ed-8e1a-123317c68497&cid=w6m90gdul0soi9pjilmmi7h0&rt=R

18.197.36.77

302 Found

0 B

URL HTTP/2
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3D9WUo4qUVvJUz%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dw6m90gdul0soi9pjilmmi7h0&caid=465d002b-e1fb-45a6-8cd8-e79bdf03438e&zpid=c5bd9a00-4cf1-11ed-8e1a-123317c68497&cid=w6m90gdul0soi9pjilmmi7h0&rt=R
IP
18.197.36.77:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3D9WUo4qUVvJUz%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dw6m90gdul0soi9pjilmmi7h0&caid=465d002b-e1fb-45a6-8cd8-e79bdf03438e&zpid=c5bd9a00-4cf1-11ed-8e1a-123317c68497&cid=w6m90gdul0soi9pjilmmi7h0&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ponti-pzk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sun, 16 Oct 2022 01:28:01 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://flirtyhoookup.com/?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6m90gdul0soi9pjilmmi7h0
pragma: no-cache
set-cookie: cc-v4=ssnzCu2qrPCKIpVt99bk0f4ro3W4SO4BY2vHDcCTQ77WYM0pzisNrQUosFa627hPT2epWjf2o5NZaO%2BbQGtvOsmIOFNlVObP127wplyY2lL5o5XyOLpYAHb4jN4tgSI889a9%2Bd2R7osA7pMNeBG9Ag%3D%3D; Max-Age=31536000; Expires=Mon, 16-Oct-2023 01:28:01 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
999e8f12ac3dee4fe8acd971f33016c0
bd870a59e1b26d0feed8310ffa0a7683eb52fe41
e5332c8c80ac7c9a864322cd54a8e03749129774abfac3708a543396450df38b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3280
Cache-Control: max-age=147814
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 01:28:01 GMT
Etag: "634aefb8-118"
Expires: Mon, 17 Oct 2022 18:31:35 GMT
Last-Modified: Sat, 15 Oct 2022 17:36:56 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280

ponti-pzk.com/favicon.ico

34.239.209.41

404

653 B

URL HTTP/1.1
ponti-pzk.com/favicon.ico
IP
34.239.209.41:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ponti-pzk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ponti-pzk.com/zcredirect?visitid=c5bd9a00-4cf1-11ed-8e1a-123317c68497&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false

HTTP/1.1 404 
Date: Sun, 16 Oct 2022 01:28:01 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: tvTHuSmd

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
999e8f12ac3dee4fe8acd971f33016c0
bd870a59e1b26d0feed8310ffa0a7683eb52fe41
e5332c8c80ac7c9a864322cd54a8e03749129774abfac3708a543396450df38b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3281
Cache-Control: max-age=147814
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 01:28:02 GMT
Etag: "634aefb8-118"
Expires: Mon, 17 Oct 2022 18:31:36 GMT
Last-Modified: Sat, 15 Oct 2022 17:36:56 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d3a7a0d85121715a9a3590df07145cd8
7da0f8eba172ed91b10f292054a913b1b33da66d
e77042397dd2555f12bfd9ed17a663845ce9c657c852af3807c90581f91fbb90

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 01:28:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

code.jquery.com/jquery-3.3.1.min.js

69.16.175.10

200 OK

30 kB

URL HTTP/2
code.jquery.com/jquery-3.3.1.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
30 kB (30288 bytes)
Hash
d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44

HTTP Headers

GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flirtyhoookup.com
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 01:28:02 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1665883682.dop018.sk1.t,1665883682.cds253.sk1.hn,1665883682.cds072.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d3a7a0d85121715a9a3590df07145cd8
7da0f8eba172ed91b10f292054a913b1b33da66d
e77042397dd2555f12bfd9ed17a663845ce9c657c852af3807c90581f91fbb90

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 01:28:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
254c0f79943125eff7adbf9cb30d2b46
e24342391b47646fbbe9fa6a26dd95c0eadda7e5
35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 01:28:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

172.217.21.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
172.217.21.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flirtyhoookup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 05:42:51 GMT
expires: Fri, 13 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 243911
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
254c0f79943125eff7adbf9cb30d2b46
e24342391b47646fbbe9fa6a26dd95c0eadda7e5
35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 01:28:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/prizewheel.png

23.88.123.143

200 OK

50 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/prizewheel.png
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 501 x 501, 8-bit/color RGBA, non-interlaced\012- data
Size
50 kB (50509 bytes)
Hash
28ed8963bde38b6c401e532646cd0fa6
d75ab697221ddb5214ed9d3ff9bc6c5872e0e87c
82f6481bfeea17e8b8cdfc10fae79e1657e659a3844d0210469b8277682923c4

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/prizewheel.png HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/png
content-length: 50509
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-c54d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700

216.58.211.10

200 OK

3.5 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
data
Size
3.5 kB (3506 bytes)
Hash
aa196e3ddde6f88422d6e6a5e51ad41f
3fe17e1eb2327203ff642d710b876d6ce43aab3f
9c332768e2c798f0eba285f68f13b5472544536035f0e6761095d364a9fbf2bb

HTTP Headers

GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 16 Oct 2022 01:28:02 GMT
date: Sun, 16 Oct 2022 01:28:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/bg1.jpg

23.88.123.143

200 OK

38 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/bg1.jpg
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 828x462, components 3\012- data
Size
38 kB (38427 bytes)
Hash
55d208ec569f9387e6f1f75b0da43ac2
7817fcdc56166810b78fa31689fc4ec7c87b3544
c022495d116bef443df2fc664dc6ee3d42d1d9536bd6264d2d9f7757a1c634b8

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/bg1.jpg HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/jpeg
content-length: 38427
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-961b"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/female4.jpg

23.88.123.143

200 OK

6.9 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/female4.jpg
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
6.9 kB (6948 bytes)
Hash
cf523967089ecc2735e2ed3b045fe938
38999dff417fed49ced1ab53924c7c4786836224
f07b84f12ef125cbb837a7bd64da401992f5f62bd55fee10d01cd3dcc8abae80

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/female4.jpg HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/jpeg
content-length: 6948
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-1b24"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/male5.jpg

23.88.123.143

200 OK

4.9 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/male5.jpg
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.9 kB (4881 bytes)
Hash
46d9526422064be30b78d8cfb52f78c3
ddd7961a02835f6738904c62e1b47e5dc41e9350
be4658359fb23eeb54e8ebb844e803cf21a96c039734e554f90e1f725078e2b5

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/male5.jpg HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/jpeg
content-length: 4881
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-1311"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/female6.jpg

23.88.123.143

200 OK

6.5 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/female6.jpg
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
6.5 kB (6460 bytes)
Hash
3b8e96b326f7ec46ff5df0012b023586
050b1664a5301e41392e2c8fa995e65a5ee40e72
0114b3ba6dcbd18c41fdd6b66b0e03fdd23e186d93bc30d0d55478508d1fd430

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/female6.jpg HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/jpeg
content-length: 6460
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-193c"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/male7.jpg

23.88.123.143

200 OK

3.6 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/male7.jpg
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.6 kB (3615 bytes)
Hash
a910f2eade4dfc0c6b6527480595472a
ed48d446e87de4ec755714a5da51437e481cda26
60c2053e9aa4900708d262ddb15313d1f5b9e5daad2c0f6ace8c41f4fd78a015

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/male7.jpg HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/jpeg
content-length: 3615
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-e1f"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/male8.jpg

23.88.123.143

200 OK

4.3 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/male8.jpg
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.3 kB (4335 bytes)
Hash
2694abafaef4ab89dc89090e03b2620e
86b50b25da796fc68153cda261fca4d22776b30d
3560ff7cbc9e86c333fccefe248e3ea5cdade4e46f6b2fc85d84755896cb2e5a

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/male8.jpg HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/jpeg
content-length: 4335
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-10ef"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/female1.jpg

23.88.123.143

200 OK

5.9 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/female1.jpg
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
5.9 kB (5854 bytes)
Hash
00647cf479a4dfc4d86fbca73917b9f5
fa64f5b7685ecbe71d740ad73411bccba68b2aff
5bd4960f310603d603fb4643b0b5042bc8ed664dc75c2403c1fda586f1eca17c

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/female1.jpg HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/jpeg
content-length: 5854
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-16de"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/female0.jpg

23.88.123.143

200 OK

4.0 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/female0.jpg
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.0 kB (4031 bytes)
Hash
753e95c58e533d2879c587fa36286caf
22d593ca6dfd930626703670895f9bbebf628eab
5f4f19c54559ae3660e76a4ffa8f11ea8d0ceb8930d75986c6595ffcd048e1fb

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/female0.jpg HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/jpeg
content-length: 4031
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-fbf"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/male2.jpg

23.88.123.143

200 OK

5.9 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/male2.jpg
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
5.9 kB (5897 bytes)
Hash
24195ba1d62626c4289f21237387811c
be2a79acb8d5e4a70ac2e4b58be0dfd6f5c34ebf
ccb8bb5abc7700fec0145db49ddf0cca3724ffbab0ea349dd70a4c7b0ef71e3f

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/male2.jpg HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/jpeg
content-length: 5897
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-1709"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/male3.jpg

23.88.123.143

200 OK

6.3 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/male3.jpg
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
6.3 kB (6336 bytes)
Hash
0f009026daa99305e0fb7335717a1594
7a27f1ae443a36969f9f2689325b6e006c3dae39
d1db668ef30403e132bab1de4720f1c9159e8ba03dc0f3d65d5bf95f3985b80a

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/male3.jpg HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/jpeg
content-length: 6336
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-18c0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/giftbox.jpg

23.88.123.143

200 OK

66 kB

URL HTTP/2
fourth-4-cdn.com/assets/4eccc9820b6806be79871424f46e4fff/images/giftbox.jpg
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=266, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=260], progressive, precision 8, 260x266, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 21601-26452, spot sensor temperature 0.000000, unit celsius, color scheme 0, show spot sensor, calibration: offset 0.000000, slope 1143141114685942466571403264.000000\012- data
Size
66 kB (66155 bytes)
Hash
4bd570b34ea937b97fb0cbc8fa523b3f
99d24b39c0ec694e3786eaec7ea334da4f07a080
dc6aa6a26c44a2857f24f316e654106a6b04f1241c8874d35593978e0ae445d7

HTTP Headers

GET /assets/4eccc9820b6806be79871424f46e4fff/images/giftbox.jpg HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: image/jpeg
content-length: 66155
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-1026b"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

example.org/media.ext

93.184.216.34

404 Not Found

1.3 kB

URL HTTP/2
example.org/media.ext
IP
93.184.216.34:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.3 kB (1256 bytes)
Hash
84238dfc8092e5d9c0dac8ef93371a07
4a3ce8ee11e091dd7923f4d8c6e5b5e41ec7c047
ea8fac7c65fb589b0d53560f5251f74f9e9b243478dcb6b3ea79b5e36449c8d9

HTTP Headers

GET /media.ext HTTP/1.1
Host: example.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
accept-ranges: bytes
age: 224213
cache-control: max-age=604800
content-type: text/html; charset=UTF-8
date: Sun, 16 Oct 2022 01:28:02 GMT
expires: Sun, 23 Oct 2022 01:28:02 GMT
last-modified: Thu, 13 Oct 2022 11:11:09 GMT
server: ECS (nyb/1D25)
vary: Accept-Encoding
x-cache: 404-HIT
content-length: 1256
X-Firefox-Spdy: h2

fourth-4-cdn.com/assets/f.js

23.88.123.143

200 OK

1.4 kB

URL HTTP/2
fourth-4-cdn.com/assets/f.js
IP
23.88.123.143:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
1.4 kB (1364 bytes)
Hash
47ba92c71d8ca98b39373ce4c9c766af
7773f95a07f0319037d060f2ba4f25224f6af174
4435b10ed481b5b5fa32413e4fb2889d608ae463fca08156737b5e23822ea1ba

HTTP Headers

GET /assets/f.js HTTP/1.1
Host: fourth-4-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 01:28:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 06 Apr 2022 12:56:50 GMT
vary: Accept-Encoding
etag: W/"624d8e12-681"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2521
Expires: Sun, 16 Oct 2022 02:10:03 GMT
Date: Sun, 16 Oct 2022 01:28:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2521
Expires: Sun, 16 Oct 2022 02:10:03 GMT
Date: Sun, 16 Oct 2022 01:28:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2521
Expires: Sun, 16 Oct 2022 02:10:03 GMT
Date: Sun, 16 Oct 2022 01:28:02 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c75eb52-0ce4-4b74-92b3-a3670b609024.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c75eb52-0ce4-4b74-92b3-a3670b609024.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8579 bytes)
Hash
0dee97568c5306e8334fcc9dce195ccb
194a7c40cdfae31844fa711d53142ea98f007a92
bf4e94f2062baf118da68b2fe3f5f38e20f21fe85900cdc69509119e757707c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c75eb52-0ce4-4b74-92b3-a3670b609024.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8579
x-amzn-requestid: c473888c-7989-4b4d-a5e7-f5f3149e145c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5NEfdoAMFaWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a1-4a1d1eb16fc64022768f622d;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: icdYFhmC1BY6tDrbYts7bOdjWH55Fkl-CkRdRhqKEuF4MJNFdLA-sQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:24:22 GMT
age: 11020
etag: "194a7c40cdfae31844fa711d53142ea98f007a92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7337 bytes)
Hash
6432c2bf0bab32f918d931dd98a6e1e4
bba4f37b146e5aea2b6490f8f7da63fa61ffc849
bde0d98cb1dcd70f22cd2aee5860eb0cd824d1bb12ab18245ab8eed06a79cf1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7337
x-amzn-requestid: 43a16c4d-c5b9-4d01-8ba4-e811b09e96b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqEwVoAMFe5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-121eda8b7a73518849342e7a;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z8x5zYoU_lGHWGt8ZhQFB6G9gS1Q4YhG_AxOdLCqIpZkXp_-f45ExA==
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 03:51:32 GMT
age: 77790
etag: "bba4f37b146e5aea2b6490f8f7da63fa61ffc849"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9623 bytes)
Hash
440811a19987ddee099df289d9b61e79
ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1
1309e9dcb36858de70ef82900ec1ad429fbb795ddb9823fd1c290b18f4e2c1a3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9623
x-amzn-requestid: b3d5bd8d-111b-4d50-9720-71f72c62f860
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7Q8oFLRIAMFrEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347951d-613e5e810f420e4c0ba3e6f6;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 04:33:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OA9iHADyiam26eo88jYDECifkqeBaTjsuoeHD2YOy0aZJZEGhG-xow==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:36:56 GMT
age: 13866
etag: "ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84cb3cfe-794c-4730-88c6-35e4b3cd9c1d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6722 bytes)
Hash
1741327ab198a2decd032da4f0be91f9
3d9d9f0b0d64600e8b05301120393aaae04e0e6a
863e23e1f5ddb2cfbf19b76817ddb28f646fe53af97e9ca714bbd5d6078fc712

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84cb3cfe-794c-4730-88c6-35e4b3cd9c1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6722
x-amzn-requestid: e29643cd-9d6f-4d27-897d-cb5460fe4735
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEM6ZGdBIAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b2842-4555e10b7c637c3f792b9cf0;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GL1Ay0ooLsCV3C180mUcMK64TLmAjDcgvll_geN0aN8hNPVVwwfQ0w==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:37:10 GMT
etag: "3d9d9f0b0d64600e8b05301120393aaae04e0e6a"
content-type: image/jpeg
age: 10252
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6367 bytes)
Hash
df5f38c3dc43ccc382d0274bffb6b350
9a305072cce8bb61ca3753bb98b999695fb4706e
20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j4GFPRLOwyEGJVrC4uk01vi858DLWzDtUNZkfmbJ1ybrMV4xEdOIVg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:50:24 GMT
age: 13058
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9cf0a31c-c85d-44f5-805c-d721336ee8be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9524 bytes)
Hash
8134d82ebf2ab56f6263871af7dddd04
04f84545a02a942336e70de3c4bf25dafcb8552b
e85d244c6a2aaa6fd45303d88a01ae8cacb1efa0f8cda21f2fe48b53d8ca3a97

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9cf0a31c-c85d-44f5-805c-d721336ee8be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9524
x-amzn-requestid: 5bbf3c66-5b84-4783-884f-b5f677c834fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WZKGQfIAMFbVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d107-57a5d87b0a9b44842ca2808d;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TlCP-tVS6w3UjqI-z3QggnoUcZpexq8Jq-qJ4ti0XrHK5Pa_TF139Q==
via: 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 03:57:10 GMT
age: 77452
etag: "04f84545a02a942336e70de3c4bf25dafcb8552b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

flirtyhoookup.com/?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6m90gdul0soi9pjilmmi7h0

172.67.201.85

200 OK

0 B

URL HTTP/2
flirtyhoookup.com/?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6m90gdul0soi9pjilmmi7h0
IP
172.67.201.85:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6m90gdul0soi9pjilmmi7h0 HTTP/1.1
Host: flirtyhoookup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ponti-pzk.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 01:28:01 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
set-cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTMxNTQ4bQAAAApwZ1BnQUJhSm1SbQAAAANoaWRtAAAAJE1qVWRzR0twdFBrb3VyRVZ1Z2xhZVh5YUJib3JPQ1FSUEN4Wm0AAAACaGxkAANuaWxtAAAABXN1Yl8xbQAAACQ3MTlmYmQ0MC0yNzNkLTQ3YjgtODgyZi02ODNkMTA3NGIxNzJtAAAABXN1Yl8ybQAAABh3Nm05MGdkdWwwc29pOXBqaWxtbWk3aDBtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMWW5oeW9ka0dXUEh2.69yXWp8myo4mLSVtYm6yOvDKMpMcLDotVDJQx1V6l_Q; path=/; expires=Mon, 16 Oct 2023 01:28:01 GMT; max-age=31536000
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVQPKBagf0kSEYkBZgz%2Fig3JF7cbCFODx42jum40Bmd8tv26EJaIk2VEbZmYlN7rOZnRNOncMGpvHajAk9doN1pBHKEduGTgsQX0xxPvpRr0X%2Fxk0ZT%2BdIH%2Fn7o%2FfeaBZJoDCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75ad03f38fa80af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations