anamuel-careslie.com/61b4906c-3348-438a-bc8c-8b90088f4b27?acme=&cid=oarqq63832c87000b627a&media=&s1=&s2=&source=&xa=
18.193.146.82302 0 B URL HTTP/1.1 anamuel-careslie.com/61b4906c-3348-438a-bc8c-8b90088f4b27?acme=&cid=oarqq63832c87000b627a&media=&s1=&s2=&source=&xa=
IP 18.193.146.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /61b4906c-3348-438a-bc8c-8b90088f4b27?acme=&cid=oarqq63832c87000b627a&media=&s1=&s2=&source=&xa= HTTP/1.1
Host: anamuel-careslie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Sun, 27 Nov 2022 09:23:26 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Pragma: no-cache
Set-Cookie: 61b4906c-3348-438a-bc8c-8b90088f4b27-v4=klnGWb5qn4me5VL4PEFyvD9f2M8kxRIWbNsqkjO3rGU; Max-Age=86400; Expires=Mon, 28-Nov-2022 09:23:26 GMT; Domain=anamuel-careslie.com; Path=/; HttpOnly
cc-v4=8uV7ARQWm6ymgKcxSlrrHIEC5P2MV2sJHQ86UkTuly5cW2yxu9gNrnVAJjHGRZr%2Bs7iGLoklw6qXiGnviReOM8SyUSdwr6GmROEVz6M7OIvLj%2FdShk62kSj9JdakBz%2BccgoPLHlo86wbUwME5nRmhQ%3D%3D; Max-Age=31536000; Expires=Mon, 27-Nov-2023 09:23:26 GMT; Domain=anamuel-careslie.com; Path=/; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2663
Expires: Sun, 27 Nov 2022 10:07:50 GMT
Date: Sun, 27 Nov 2022 09:23:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4971
Cache-Control: max-age=95432
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:23:27 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:53:59 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 09:17:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 349
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5755
Expires: Sun, 27 Nov 2022 10:59:22 GMT
Date: Sun, 27 Nov 2022 09:23:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /rALfjTaAvESwbjGrv4hzURBQsEAxHO4dR9ot+3TaESRapCzQEukAjeAq1nn+gjR1qwIEUN1cw4=
x-amz-request-id: 9TYZQA29GDZVMZWB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 08:41:34 GMT
age: 2513
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d0a399d2b319bba34cdabb975957f816
f13110df813a7d42f5639b19b6d4805d164c9d44
42bf0d93ac4256bef394e5542494f1e0c9be6bf1480434077201dfc76b73734b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=87925
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:23:27 GMT
Etag: "6381e104-117"
Expires: Mon, 28 Nov 2022 09:48:52 GMT
Last-Modified: Sat, 26 Nov 2022 09:48:52 GMT
Server: nginx
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:23:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 09:08:54 GMT
cache-control: public,max-age=3600
age: 873
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 2088f45abad6f571f59dbd62a3511048
b1c0c4ac4e83112efd17660c2e775c3243875a8a
a619d162c540e417a28a989333b73ab283d4ee66623d87c7cc67836a83affecc
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 09:23:27 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 23:44:54 GMT
Expires: Sat, 03 Dec 2022 23:44:53 GMT
Etag: "b1c0c4ac4e83112efd17660c2e775c3243875a8a"
Cache-Control: max-age=569485,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7709ce225e9eb51b-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5909
Cache-Control: max-age=91313
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:23:27 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:45:20 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 2088f45abad6f571f59dbd62a3511048
b1c0c4ac4e83112efd17660c2e775c3243875a8a
a619d162c540e417a28a989333b73ab283d4ee66623d87c7cc67836a83affecc
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 09:23:27 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 23:44:54 GMT
Expires: Sat, 03 Dec 2022 23:44:53 GMT
Etag: "b1c0c4ac4e83112efd17660c2e775c3243875a8a"
Cache-Control: max-age=569485,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7709ce225e880b45-OSL
api.hookupers.com/entry
34.90.45.68204 No Content 0 B IP 34.90.45.68:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /entry HTTP/1.1
Host: api.hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-prev-url,x-referer
Referer: https://hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Origin: https://hookupers.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
date: Sun, 27 Nov 2022 09:23:28 GMT
access-control-allow-origin: https://hookupers.com
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, X-Prev-Url, X-Referer, X-Csrf-Token, X-Xsrf-Token, X-Requested-With
access-control-expose-headers: X-Total-Count
access-control-max-age: 86400
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
104.26.15.67200 OK 748 B URL HTTP/2 hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
IP 104.26.15.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1824), with no line terminators
Hash 6c185fe12685e47ea8b31883e26cafde
4b5d19075e4e3b5db6a4272feee02ed1342440cf
ea5e379ffc2ccf243838f9422764508d0577a12f075489200ffcc8550c89a07b
GET /entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje HTTP/1.1
Host: hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:27 GMT
content-type: text/html
last-modified: Thu, 24 Nov 2022 10:09:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSHVt153MzzC%2B956DSAfG5lGm7AGsHQxb7qR2wVm8CIUXPpYwITxLhgV4MA%2BPkra%2Bi2wEsg%2FOel%2FO50xurGBgTjd5Kmn8UMf%2Fh6xllFeEaLW8N8jHMOfQ7tfphjvB3U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709ce1f7da70b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
hookupers.com/static/css/SiteApp.68dfa95d.chunk.css
104.26.15.67200 OK 11 kB URL HTTP/2 hookupers.com/static/css/SiteApp.68dfa95d.chunk.css
IP 104.26.15.67:0
File type ASCII text, with very long lines (49612)
Hash b019fa2a083df7aeca93e63a5b4f45a2
1d255daea3472bee3df82d35e573c7d8d9228f90
d4c63728e33946d87c9cb645ba0d406b5ea9e0cd3b6a1a345c456803be1c862e
GET /static/css/SiteApp.68dfa95d.chunk.css HTTP/1.1
Host: hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/landing/lp12?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje; initial_id=99af04db-63fa-45fd-8fb8-4b5815f90961; language=en; hookupers_session=lp3pcOZdnYSzhsLeATuF0AwJUU3rPZn68QldR7Fe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:28 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 14:45:53 GMT
vary: Accept-Encoding
etag: W/"634ebc21-c202"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 3436374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHx593qS08GSdY9rkXK9LdBEUZaWMykq%2F7QulQLTKJ44gIyCQHj4ubFTvf688pXbcJDlpnpxYbDspWpo3A6hOn8wAoKmJ97DyDPmNWdMJelGwlORmDZZQsAZ8GqAWdk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709ce274d310b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.hookupers.com/entry
34.90.45.68200 OK 1.2 kB IP 34.90.45.68:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash fb685ec371275168e4777f317999d042
a85b91559980617ae8d111390e2e47291595ac7f
3e9bc958c8ecb3568b68bf7a68649b6e16b457c77e7c76528db32c8fe9fd4a5d
Analyzer Verdict Alert fortinet Phishing
GET /entry HTTP/1.1
Host: api.hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
X-Prev-Url:
X-Referer: https://hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Origin: https://hookupers.com
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje; initial_id=99af04db-63fa-45fd-8fb8-4b5815f90961
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:28 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-origin: https://hookupers.com
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, X-Prev-Url, X-Referer, X-Csrf-Token, X-Xsrf-Token, X-Requested-With
access-control-expose-headers: X-Total-Count
access-control-max-age: 86400
set-cookie: language=en; expires=Mon, 28-Nov-2022 09:23:28 GMT; Max-Age=86400; path=/; domain=.hookupers.com; samesite=lax
hookupers_session=lp3pcOZdnYSzhsLeATuF0AwJUU3rPZn68QldR7Fe; expires=Sun, 27-Nov-2022 10:23:28 GMT; Max-Age=3600; path=/; domain=.hookupers.com; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash c9c888115c11911ca83cd4b6b19e02ca
19330ac00b983898efabb9c9d5279902bc47998c
385b719b191b4c90f3972ce098d81cc3ac8487b1662f0f2da4b2ac2128e9dbe4
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129674
Date: Sun, 27 Nov 2022 09:23:29 GMT
Etag: "6382841b-1d7"
Expires: Mon, 28 Nov 2022 21:24:43 GMT
Last-Modified: Sat, 26 Nov 2022 21:24:43 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9OnycLw093Vn6p0mgy__ivpnixu2_9N7KikIT0_-yAS_tNngyiMvOQ==
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash c9c888115c11911ca83cd4b6b19e02ca
19330ac00b983898efabb9c9d5279902bc47998c
385b719b191b4c90f3972ce098d81cc3ac8487b1662f0f2da4b2ac2128e9dbe4
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135631
Date: Sun, 27 Nov 2022 09:23:29 GMT
Etag: "6382841b-1d7"
Expires: Mon, 28 Nov 2022 23:04:00 GMT
Last-Modified: Sat, 26 Nov 2022 21:24:43 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2Hx0OEIW3WZjG0HQkDmHR_q-vlCi88gMgVjqztoz_oPRzJXKKrYCsA==
Age: 5957
api.hookupers.com/track?preland_id=12&history_length=2
34.90.45.68200 OK 25 kB URL HTTP/2 api.hookupers.com/track?preland_id=12&history_length=2
IP 34.90.45.68:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 5f02ecc5e1b8c61961a94a37bdf7d9de
d8c94f7e48ef0a27d4413a1a5b4e6ba6683c4d9d
dd708c11ef282819af322a40116d7e73f4122dd22420bb36e654ae95de9c4ae8
GET /track?preland_id=12&history_length=2 HTTP/1.1
Host: api.hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/landing/lp12?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
X-Prev-Url:
X-Referer: https://hookupers.com/landing/lp12?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
Origin: https://hookupers.com
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje; initial_id=99af04db-63fa-45fd-8fb8-4b5815f90961; language=en; hookupers_session=lp3pcOZdnYSzhsLeATuF0AwJUU3rPZn68QldR7Fe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:29 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-origin: https://hookupers.com
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, X-Prev-Url, X-Referer, X-Csrf-Token, X-Xsrf-Token, X-Requested-With
access-control-expose-headers: X-Total-Count
access-control-max-age: 86400
set-cookie: hookupers_session=lp3pcOZdnYSzhsLeATuF0AwJUU3rPZn68QldR7Fe; expires=Sun, 27-Nov-2022 10:23:29 GMT; Max-Age=3600; path=/; domain=.hookupers.com; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6116
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 09:23:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6116
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 09:23:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6116
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 09:23:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6116
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 09:23:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 27401
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hookupers.com/static/js/3887.427354d6.chunk.js
104.26.15.67200 OK 126 kB URL HTTP/2 hookupers.com/static/js/3887.427354d6.chunk.js
IP 104.26.15.67:0
File type ASCII text, with very long lines (65459)
Size 126 kB (125546 bytes)
Hash 340b78c14b33e6553de61b424b8ee9ba
493e89e6d178047747983b0d761a7877b22306b5
eda85b5582f89820520fad366771ae97f999b6a7620c463439d1170c32c74cb8
Analyzer Verdict Alert fortinet Phishing
GET /static/js/3887.427354d6.chunk.js HTTP/1.1
Host: hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/landing/lp12?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje; initial_id=99af04db-63fa-45fd-8fb8-4b5815f90961; language=en; hookupers_session=lp3pcOZdnYSzhsLeATuF0AwJUU3rPZn68QldR7Fe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:28 GMT
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 07:45:29 GMT
vary: Accept-Encoding
etag: W/"6347c219-6d8cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 3864540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2Zk2BAGzccyXpcMfh1VPNvP9l8j%2B0DYM%2BzliNhI3%2BNqbQOsJhRJwwfyhNlhLeYdimdQCVENJ84pmUdvejLCOPslUuM1n22qcrtw34bJCDSx9kYDIc%2B0%2BekAYFhzV5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709ce274d2f0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e615cdc2e330b5cf76435abce9aa631a
71f737c3cee7766494157cd6491ce247a785c09e
853f68bf79a553b9fbf0e10391424faf0a3c071370d05d369563f7824d1bda84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9063
x-amzn-requestid: f00ac8bd-6466-4c92-9b99-0e71b4b2345c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Jr4ENtoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2318-0e3a57932987e29521388dd7;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:04:56 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ntfumip5IjOlyoe6ASlwJ1PjPLN1yZHkK_iiDDKfmMCyI__PrrGVMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 11:33:57 GMT
age: 78572
etag: "71f737c3cee7766494157cd6491ce247a785c09e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 41512
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hookupers.com/static/js/516.0b472f70.chunk.js
104.26.15.67200 OK 42 kB URL HTTP/2 hookupers.com/static/js/516.0b472f70.chunk.js
IP 104.26.15.67:0
File type ASCII text, with very long lines (65460)
Hash dd7a1dba9d0486ba5b6a696f5d1c18d4
3c2a9a44a0280ef28f19a1e5c5b9252a04697171
e0eb45287159d3763d2a1463e85df91f54920875cbaea9081f58465e54446f9b
Analyzer Verdict Alert fortinet Phishing
GET /static/js/516.0b472f70.chunk.js HTTP/1.1
Host: hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/landing/lp12?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje; initial_id=99af04db-63fa-45fd-8fb8-4b5815f90961; language=en; hookupers_session=lp3pcOZdnYSzhsLeATuF0AwJUU3rPZn68QldR7Fe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:28 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 10:09:51 GMT
vary: Accept-Encoding
etag: W/"637f42ef-159ca"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 256046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVIK%2BbaUom7He00mQRucgsQJsG3Gxv609%2FmO3bqvinE26pN5HIVA3sSAAigPCHHbjIYhFYFUnKHA0gyWIQhEMwMn%2BwNebafNs9zFcWdjqNOEBcOts%2FAVJrRZ2q6Lf1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709ce274d2d0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 41601
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 41508
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.hookupers.com/track/events/page-load
34.90.45.68204 No Content 0 B URL HTTP/2 api.hookupers.com/track/events/page-load
IP 34.90.45.68:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /track/events/page-load HTTP/1.1
Host: api.hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-prev-url,x-referer
Referer: https://hookupers.com/landing/lp12/1?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
Origin: https://hookupers.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 27 Nov 2022 09:23:29 GMT
access-control-allow-origin: https://hookupers.com
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, X-Prev-Url, X-Referer, X-Csrf-Token, X-Xsrf-Token, X-Requested-With
access-control-expose-headers: X-Total-Count
access-control-max-age: 86400
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
hookupers.com/static/js/8581.85437f91.chunk.js
104.26.15.67200 OK 0 B URL HTTP/2 hookupers.com/static/js/8581.85437f91.chunk.js
IP 104.26.15.67:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/8581.85437f91.chunk.js HTTP/1.1
Host: hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:27 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 10:09:51 GMT
vary: Accept-Encoding
etag: W/"637f42ef-617d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 256047
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aT%2Bfb1hAo56iuK940aAcO%2F9yHlodVUHSZripgk1EkFSaKye%2BWO90m9OsSNQO5mvMLIOiSuNn2XH8%2FGXEN7JrqpHHA4n0GCSxaqekgK3jfLKdsSne4XNQ1%2FeVgmHuziw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709ce2188000b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
hookupers.com/static/js/TDSApp.bf74b5f0.chunk.js
104.26.15.67200 OK 0 B URL HTTP/2 hookupers.com/static/js/TDSApp.bf74b5f0.chunk.js
IP 104.26.15.67:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/TDSApp.bf74b5f0.chunk.js HTTP/1.1
Host: hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:27 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 10:09:51 GMT
vary: Accept-Encoding
etag: W/"637f42ef-d80"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 256047
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mieYjbaFskN3liTWhan4jANQ5mOmMDpWVXwdtSn2yfGHSy4AQ%2BXdQJC9RoqZ3eg%2FMeCp4kINdL5KR8caiwgBWH9hl68cApbxiU%2BWwG%2Bj26oxmmU7rHoJ0g9ZtqGCZ%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709ce21880a0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
hookupers.com/static/js/5676.eee08380.chunk.js
104.26.15.67200 OK 0 B URL HTTP/2 hookupers.com/static/js/5676.eee08380.chunk.js
IP 104.26.15.67:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/5676.eee08380.chunk.js HTTP/1.1
Host: hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:27 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 10:09:51 GMT
vary: Accept-Encoding
etag: W/"637f42ef-4411"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 256047
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MF32Yb9th%2BR7E3T1qs%2F3t3UkBLnjH%2BoPCyS6K0WxZmlsSDX5XrwDuAHJpTpOz6LZGLWENO4AmYisSRo9V3Ne0ST4Kc0pqzsJYwjWaGymgVg%2Fu9WY1htC%2BZq2CS%2FneE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709ce2188080b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
hookupers.com/favicon.ico
104.26.15.67404 Not Found 0 B URL HTTP/2 hookupers.com/favicon.ico
IP 104.26.15.67:0
GET /favicon.ico HTTP/1.1
Host: hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 09:23:27 GMT
content-type: text/html
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnWFS7T4hYJcNSD131WFGgBea%2Fc3WR37P9lHLh%2Fn%2FY5CZmZ6LWBfL6bFvfS3r8Wvv0%2F7UXlyB8Oy5L70oN81YLMZSfp7tsuE%2FeYClfWXVqnXj%2F%2BHoC1sm1VtkluECv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709ce21a8320b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.hookupers.com/track/events/page-load
34.90.45.68200 OK 0 B URL HTTP/2 api.hookupers.com/track/events/page-load
IP 34.90.45.68:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
POST /track/events/page-load HTTP/1.1
Host: api.hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/landing/lp12/1?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
X-Prev-Url: https://hookupers.com/landing/lp12?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
X-Referer: https://hookupers.com/landing/lp12/1?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
Content-Type: application/json
Content-Length: 396
Origin: https://hookupers.com
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje; initial_id=99af04db-63fa-45fd-8fb8-4b5815f90961; language=en; hookupers_session=lp3pcOZdnYSzhsLeATuF0AwJUU3rPZn68QldR7Fe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:29 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-origin: https://hookupers.com
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, X-Prev-Url, X-Referer, X-Csrf-Token, X-Xsrf-Token, X-Requested-With
access-control-expose-headers: X-Total-Count
access-control-max-age: 86400
set-cookie: hookupers_session=lp3pcOZdnYSzhsLeATuF0AwJUU3rPZn68QldR7Fe; expires=Sun, 27-Nov-2022 10:23:29 GMT; Max-Age=3600; path=/; domain=.hookupers.com; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
translations.hookupers.com/translations/frontend/en/common.json?v=633
54.230.111.25200 OK 0 B URL HTTP/2 translations.hookupers.com/translations/frontend/en/common.json?v=633
IP 54.230.111.25:0
Analyzer Verdict Alert fortinet Phishing
GET /translations/frontend/en/common.json?v=633 HTTP/1.1
Host: translations.hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/landing/lp12?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
Origin: https://hookupers.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: ETag
access-control-max-age: 86400
last-modified: Fri, 25 Nov 2022 15:58:47 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 26 Nov 2022 15:59:11 GMT
etag: W/"4f867070b933d90701ba3f2d93019ccb"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gTzXvMMt3qvAUTiHGS-Qd-ZTLNh8zie8Z3tvYDqwd8-y9ydJpMPehg==
age: 62659
X-Firefox-Spdy: h2
hookupers.com/static/css/main.731ba128.css
104.26.15.67200 OK 0 B URL HTTP/2 hookupers.com/static/css/main.731ba128.css
IP 104.26.15.67:0
GET /static/css/main.731ba128.css HTTP/1.1
Host: hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:27 GMT
content-type: text/css
last-modified: Thu, 13 Oct 2022 07:45:29 GMT
vary: Accept-Encoding
etag: W/"6347c219-6271"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 3864540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpVS1KyamaBZSUmv1otfyGTXq%2B3gHCSRfYGSMWV2jFTikTMGk8IZzvwoDP7s12wHIiRpru5mWCqltBsMg9rpVNFeMeVqlTJuY8lhWRaEkc%2FKS9vmK5urc%2By3FQU4Tuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709ce20ef640b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
hookupers.com/static/js/main.3ce0d90c.js
104.26.15.67200 OK 0 B URL HTTP/2 hookupers.com/static/js/main.3ce0d90c.js
IP 104.26.15.67:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/main.3ce0d90c.js HTTP/1.1
Host: hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/entry?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:27 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 10:09:51 GMT
vary: Accept-Encoding
etag: W/"637f42ef-34787"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 256047
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egdR5mxDyI0D3VAoL0xmHzRjXEwVHv9OONENE%2FxUWZyoLgbJvftVHd2AQHTfceddVc5zb7BuhqABfn5JwnFJ7AxOt5W3EhfY%2FCeiFIAgwI0ugXtEQu7LfuYMMsll6tQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709ce20ef610b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.hookupers.com/track/events/page-load
34.90.45.68200 OK 0 B URL HTTP/2 api.hookupers.com/track/events/page-load
IP 34.90.45.68:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
POST /track/events/page-load HTTP/1.1
Host: api.hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/landing/lp12?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
X-Prev-Url:
X-Referer: https://hookupers.com/landing/lp12?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
Content-Type: application/json
Content-Length: 395
Origin: https://hookupers.com
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje; initial_id=99af04db-63fa-45fd-8fb8-4b5815f90961; language=en; hookupers_session=lp3pcOZdnYSzhsLeATuF0AwJUU3rPZn68QldR7Fe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:29 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-origin: https://hookupers.com
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, X-Prev-Url, X-Referer, X-Csrf-Token, X-Xsrf-Token, X-Requested-With
access-control-expose-headers: X-Total-Count
access-control-max-age: 86400
set-cookie: hookupers_session=lp3pcOZdnYSzhsLeATuF0AwJUU3rPZn68QldR7Fe; expires=Sun, 27-Nov-2022 10:23:29 GMT; Max-Age=3600; path=/; domain=.hookupers.com; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
hookupers.com/static/js/SiteApp.fb706f44.chunk.js
104.26.15.67200 OK 0 B URL HTTP/2 hookupers.com/static/js/SiteApp.fb706f44.chunk.js
IP 104.26.15.67:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/SiteApp.fb706f44.chunk.js HTTP/1.1
Host: hookupers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hookupers.com/landing/lp12?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje&dp=%2Fupgrade%3Ffunnel%3Dintro_skip&req_cid=10107a74-0b64-47ff-936e-7721d639a873&event_data_id=66179201
Connection: keep-alive
Cookie: tracking_params=?mf=mhlagd&partner_id=151&subsource_name=61b4906c-3348-438a-bc8c-8b90088f4b27&subsource_name2=remnant&subsource_name3=&subsource_name4=&click_id=wuprji4fm76rq1pk2dudoqje; initial_id=99af04db-63fa-45fd-8fb8-4b5815f90961; language=en; hookupers_session=lp3pcOZdnYSzhsLeATuF0AwJUU3rPZn68QldR7Fe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:23:28 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 10:09:51 GMT
vary: Accept-Encoding
etag: W/"637f42ef-18528a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 256046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EERZMY%2F%2BZNiJkIXkgJzniveEXsMJ2i%2BZp2JvM3ivS8jXMXnnCwKIbaiCdG8s%2FGAvMD51yFi1jQPGdVlDbM0lCNF2mOdwXMDc0CM7407SYAPKyhLbkRkbPwlSx5sJx8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709ce274d320b51-OSL
content-encoding: br
X-Firefox-Spdy: h2