www.dql2clk.com/6FJ6LF/75M26WG
34.117.199.78 302 Found 248 B URL HTTP/1.1 www.dql2clk.com/6FJ6LF/75M26WG
IP 34.117.199.78:0
File type HTML document, ASCII text
Hash a85f4d08aba0fa2b94bd11d2b6fdee37
871ecba48ee474dedc5528cfccc7e76fbf1bdb8e
10cd70ba3198648c93a009e90be0c5c759993e461e47ee595d509bd73288cbe8
Analyzer Verdict Alert fortinet Phishing
GET /6FJ6LF/75M26WG HTTP/1.1
Host: www.dql2clk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
server: nginx
date: Sat, 10 Dec 2022 09:54:33 GMT
content-type: text/html; charset=utf-8
content-length: 248
location: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
set-cookie: uniqueClick_75M26WG=e99a388a-4e4e-4893-9689-3b011a0514e9:1670666073; Path=/; Expires=Sun, 11 Dec 2022 09:54:33 GMT; SameSite=None
transaction_id=760e99713e9e4b82b29b7d007685904b; Path=/; Expires=Fri, 10 Mar 2023 09:54:33 GMT; SameSite=None
vary: Origin
x-eflow-request-id: f913e4f1-4fad-48a3-af81-1bed42cb3078
Via: 1.1 google
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3784
Expires: Sat, 10 Dec 2022 10:57:37 GMT
Date: Sat, 10 Dec 2022 09:54:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11935
Expires: Sat, 10 Dec 2022 13:13:28 GMT
Date: Sat, 10 Dec 2022 09:54:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 09:08:23 GMT
content-type: application/json
age: 2770
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11588
Expires: Sat, 10 Dec 2022 13:07:41 GMT
Date: Sat, 10 Dec 2022 09:54:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BdYwJVSpSD3DPxPXSrQpD47ZhzP/x9lRUwBFmffnLvyoHS2pE407rvotMNiZHAMeng1JNERHct8=
x-amz-request-id: RG6Z4AR5HA22Q3SC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 09:48:44 GMT
age: 349
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 09:54:33 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash b5fa25be73bebc74d1a9e0f2c0f0eeae
d5627c12e067897ec5d4325f0bea6cac54d1e153
ebdb26c9bb78612d6409c84edf412116ff330765a3e2d03cdeb60676ec70d2c4
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113589
Date: Sat, 10 Dec 2022 09:54:34 GMT
Etag: "63935d1f-1d7"
Expires: Sun, 11 Dec 2022 17:27:43 GMT
Last-Modified: Fri, 09 Dec 2022 16:06:55 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AcHM8kYsphQALwRyycdoyJGxf77ZLCSODIapSvNgseetMVcICrYL-Q==
Age: 4848
www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
3.121.64.120 200 OK 8.0 kB URL HTTP/2 www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
IP 3.121.64.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1438)
Hash b94a8f855758e9158d0bda9358d612b9
75f587671b9e6622325086fb5ebb04c8332b8245
d99954706ebaf8c3b20a57ad76c3a8288dfb01b9c5e681143385ec334cc7abed
GET /8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/html; charset=UTF-8
content-length: 8048
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.1.33
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 09:33:14 GMT
age: 1280
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/jquery-ui.css
3.121.64.120 200 OK 8.4 kB URL HTTP/2 www.99hookups.com/8365/css/jquery-ui.css
IP 3.121.64.120:0
File type ASCII text, with very long lines (2363)
Hash eb890942f434115913de08899ef174a4
84518af33d2157bf638eecd96ec00eeb378f547d
65c520e543b735967301de8a17d88ebfe96f9969d596fe477ebe4850f99f5d32
GET /8365/css/jquery-ui.css HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 8405
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "8d02-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/magnific-popup7a19.css?1552897983
3.121.64.120 200 OK 2.8 kB URL HTTP/2 www.99hookups.com/8365/css/magnific-popup7a19.css?1552897983
IP 3.121.64.120:0
Hash 428b1ed02fbe4fec6ad424877bb5e008
535e0b27a42fbb4023673b4ac992ab238cf64676
ae290d16bfe3943a7eb5ccdb590f4a792eaf3accf94fb1fc083f4804211ced6d
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/magnific-popup7a19.css?1552897983 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 2824
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "2b38-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/cssd4a6.css?family=Raleway:300,400,500,600,700,800
3.121.64.120 200 OK 226 B URL HTTP/2 www.99hookups.com/8365/css/cssd4a6.css?family=Raleway:300,400,500,600,700,800
IP 3.121.64.120:0
Hash bfcfa21350d158280f771d5b3f0c981e
7e8a162a764e6721ef25302f21db8f6a3b64c804
e8ad9cd38afcd2da6765cb7e2c2c0e6c5523dc6bdc62eefe2d24cc6d7768d217
GET /8365/css/cssd4a6.css?family=Raleway:300,400,500,600,700,800 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 226
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "4a4-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/all.css
3.121.64.120 200 OK 9.0 kB URL HTTP/2 www.99hookups.com/8365/css/all.css
IP 3.121.64.120:0
File type ASCII text, with very long lines (41352)
Hash 3e803635b0b559c291e5393f9b5a21c2
f2fc7fa483de814eca551f3574d67a8b6b94715c
8ad49d7db43a2ef26a506d5a668d0b29b30876c6bf94c96e353f2e00b58dbab5
GET /8365/css/all.css HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 9047
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "a23d-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/css4d29.css?family=Bevan
3.121.64.120 200 OK 186 B URL HTTP/2 www.99hookups.com/8365/css/css4d29.css?family=Bevan
IP 3.121.64.120:0
Hash bb44b0412c2360c659712bd23873fbea
c80b1cb5b1d1279ec28f3b4ceb6bc45503fc223f
b3dea3e23e19bd0829b19d60658d65013c061ae4287e42425482472fe43ba0b8
GET /8365/css/css4d29.css?family=Bevan HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 186
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "de-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/css29bd.css?family=Oleo+Script:400,700
3.121.64.120 200 OK 232 B URL HTTP/2 www.99hookups.com/8365/css/css29bd.css?family=Oleo+Script:400,700
IP 3.121.64.120:0
Hash f59aaa1652a17f4a2a9cbfb893f74a34
ac2035c743ade270b6894181692b3494ede35bbd
20b78a5fa4da2252324b9cee7fc7aff8bf886062fb3c071a8f0dbcca1b7a6e3f
GET /8365/css/css29bd.css?family=Oleo+Script:400,700 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 232
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "1ec-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/carousel-type015146.css?1552897995
3.121.64.120 200 OK 140 B URL HTTP/2 www.99hookups.com/8365/css/carousel-type015146.css?1552897995
IP 3.121.64.120:0
Hash 9e44aa06256b0151e604971c2add024d
b9352d226598aa1ec456ee0866e8cc78bb3fe73f
e84a5f0f0b8b1b37be6a5732d61b7ed0bc9b0b580b8b281cd98e5585a16778b1
GET /8365/css/carousel-type015146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 140
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "d7-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/bg-overlay-type025146.css?1552897995
3.121.64.120 200 OK 227 B URL HTTP/2 www.99hookups.com/8365/css/bg-overlay-type025146.css?1552897995
IP 3.121.64.120:0
Hash 773d7a60a3ea8b8fb44783c224dd0819
2108720dd00e416238d5c942412d1a1b24c17dc5
4af747abecd428780989d63ebe95a248bcb3660fce29d84498d260036a030e8a
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/bg-overlay-type025146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 227
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "1de-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/bootstrap.min5146.css?1552897995
3.121.64.120 200 OK 21 kB URL HTTP/2 www.99hookups.com/8365/css/bootstrap.min5146.css?1552897995
IP 3.121.64.120:0
File type ASCII text, with very long lines (65324)
Hash 4e2c02211d789bbe7250420d16cef501
a8c6cb2336ce2313a99d934e8f77345b3f946137
a825f26affa88c3d5651c464aa7e866df1c3980051bc0620c546aa728eb713a8
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/bootstrap.min5146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 21047
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "22688-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/mdb.minc11e.css?1552897996
3.121.64.120 200 OK 60 kB URL HTTP/2 www.99hookups.com/8365/css/mdb.minc11e.css?1552897996
IP 3.121.64.120:0
File type ASCII text, with very long lines (38486)
Hash 539f0a939fac888612159ab7fb6420d8
8bb471e03c0302095904253e333ca87eb04b8a30
ec32fbfee0e53ef3e96e42f65611358ed41ea1bf4506fdabf0ceb08b8317fb83
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/mdb.minc11e.css?1552897996 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 59754
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "7e452-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/intro-type035146.css?1552897995
3.121.64.120 200 OK 335 B URL HTTP/2 www.99hookups.com/8365/css/intro-type035146.css?1552897995
IP 3.121.64.120:0
Hash 1e4cb7ea92df4f2430ba2baad33a4a5b
7a81b87d2d715e9d23e12bfdeaaa1b8905ac9091
840cebcef01ff7963aff07d07ebbe8d406413a67371b57825bee3f399508113f
GET /8365/css/intro-type035146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 335
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "37c-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/stepper-type035146.css?1552897995
3.121.64.120 200 OK 327 B URL HTTP/2 www.99hookups.com/8365/css/stepper-type035146.css?1552897995
IP 3.121.64.120:0
Hash 3cba407c50f9cb555518820fb259be11
eeb11795fece07f228595ebee195a0c940d0118d
5e622ed27ac60452dbd5cba0209369e79cab7b00024a94c040163fb435d0f771
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/stepper-type035146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 327
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "262-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/multistep-type074a33.css?1575984656
3.121.64.120 200 OK 1.2 kB URL HTTP/2 www.99hookups.com/8365/css/multistep-type074a33.css?1575984656
IP 3.121.64.120:0
File type ASCII text, with very long lines (673)
Hash c48ba9926fabbb458b4c262ef52c7b46
0d05157cc3eba2c45e19c33c7f126105d0ad0e7b
0974a71786a8842526d78aec65fb18bb0a9676542c4a766ce6c7fd20e8e603bd
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/multistep-type074a33.css?1575984656 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 1202
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "d53-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/form-elements-type01b2b7.css?1568802110
3.121.64.120 200 OK 1.3 kB URL HTTP/2 www.99hookups.com/8365/css/form-elements-type01b2b7.css?1568802110
IP 3.121.64.120:0
Hash 6de57be4de345de0ef397faf2b83c3ca
414ae309fd43e65aa999c352c21ae4b0b2f3c3ab
d9452f514be5bfae1979220749ea586810e9b64b8cbbcdb36bb818211469ac9e
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/form-elements-type01b2b7.css?1568802110 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 1278
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "111d-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/validationmodal-type015146.css?1552897995
3.121.64.120 200 OK 270 B URL HTTP/2 www.99hookups.com/8365/css/validationmodal-type015146.css?1552897995
IP 3.121.64.120:0
Hash a93577fcc74ee7a34129fed04ee395d1
18c1576f2a12f07b7c68666218d35b7c623e145c
2fedeb15f6899d6aa7a94ea1e286047e1c9a223df2c4d15425a3e3ee10772822
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/validationmodal-type015146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 270
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "27e-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/styling92b1.css?1579682355
3.121.64.120 200 OK 247 B URL HTTP/2 www.99hookups.com/8365/css/styling92b1.css?1579682355
IP 3.121.64.120:0
Hash ec3888642bd2af0e1bb333f8fa03b1d2
abf57e8fdd00152fa0ba69f3f1758a4104c94781
96a3e08c8cb47673ce5ba7e491e24c61482570f75f63395d911c74af22f237df
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/styling92b1.css?1579682355 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 247
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "263-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/popupregister.js
3.121.64.120 200 OK 1.4 kB URL HTTP/2 www.99hookups.com/8365/js/popupregister.js
IP 3.121.64.120:0
Hash 8a4cb4e1d417ced9a128a62bdfebb31c
b36bc5736d80f105fa0c3f4fc3ee48acde936dae
949c10461b14a53bd61d83f9fd8983b28770d188ce9cdc19750ffbf630295820
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/popupregister.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: application/javascript
content-length: 1400
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "14f5-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/stylec11e.css?1552897996
3.121.64.120 200 OK 249 B URL HTTP/2 www.99hookups.com/8365/css/stylec11e.css?1552897996
IP 3.121.64.120:0
Hash 0429f6bbb648eb8dce5d0787f69bafcf
1622c57197d4610a04cff39872f38074455819b8
8a48c217eab0fb3908fed484559ff31aea6658bb4200a61dfeee07a9de38f368
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/stylec11e.css?1552897996 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 249
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "1e7-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/sexy01.css
3.121.64.120 200 OK 177 B URL HTTP/2 www.99hookups.com/8365/css/sexy01.css
IP 3.121.64.120:0
Hash 9f91e66771a38562e2f0b533aa6e9ca8
9752b4685a5f96e332062b2ec13655a64439e4da
efdd49c87d9339e9cc51ba25e8dd7d94421283686dc1967fa01ada70cd1f6f13
GET /8365/css/sexy01.css HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 177
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "3fd-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/general5146.css?1552897995
3.121.64.120 200 OK 925 B URL HTTP/2 www.99hookups.com/8365/css/general5146.css?1552897995
IP 3.121.64.120:0
File type ASCII text, with very long lines (614)
Hash c5ff36e73e405f3e6667338f03fd412d
5b721e559c8bc30d192a99ea629ed071af2fc7c0
9f059784cba05862335685405be3b6a324749eae1f7f0a0440fb1e9e358e3007
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/general5146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/css
content-length: 925
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "cb7-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/jquery-migrate-3.0.1.min.js
3.121.64.120 200 OK 3.5 kB URL HTTP/2 www.99hookups.com/8365/js/jquery-migrate-3.0.1.min.js
IP 3.121.64.120:0
Hash 77805915cd6097a4ffda2303afb8c371
8e69abe20647ec0350055f65a2fd780eba5fa0d1
e85b9032ebca10bfa70a4a2ce6a92461aa2d31d7200cc9b2427b565c1cd51194
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/jquery-migrate-3.0.1.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: application/javascript
content-length: 3474
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "2c9d-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/popper.min.js
3.121.64.120 200 OK 7.3 kB URL HTTP/2 www.99hookups.com/8365/js/popper.min.js
IP 3.121.64.120:0
File type ASCII text, with very long lines (20363)
Hash a58f37d3887c59d958259f93a27e51c8
73cd6474966c3337eb4d5d48ccaac3e832a94940
d17499eb5d36405eada4f31a9354a5998a221c6873e26c29c52bedc09d635a16
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/popper.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: application/javascript
content-length: 7301
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "5039-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/multistep.js
3.121.64.120 200 OK 1.8 kB URL HTTP/2 www.99hookups.com/8365/js/multistep.js
IP 3.121.64.120:0
Hash b63c4f1aaef1528ff8397e7e709069a1
30e004c8f55af4f59c8a1df2920ed2e89acdc9cd
a9e61e8884ead1951df41040a5b33e14897edabc61ed70e36080ad36af780976
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/multistep.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: application/javascript
content-length: 1847
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "1743-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/bootstrap.min.js
3.121.64.120 200 OK 14 kB URL HTTP/2 www.99hookups.com/8365/js/bootstrap.min.js
IP 3.121.64.120:0
File type ASCII text, with very long lines (50758)
Hash 2cb8caa8c251fe1763b6b2f447a6b169
0f9316b868e48b83ca40c4709c13cd6fff5c2eb5
c7904677b8b2f52c1e0d24522cea665310a3afc75f371fd3d226afd79110f332
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/bootstrap.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: application/javascript
content-length: 14085
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "c75f-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 75b9a0898c2c0067e9441fe83909011e
d61f960febc0898fbce2f356e90827fad8e53864
59c438799791eafb77e8cd164493087f5cf108f28da4fa5d5ca418ce276b47c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4035
Cache-Control: max-age=169678
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 09:54:34 GMT
Etag: "63943b65-116"
Expires: Mon, 12 Dec 2022 09:02:32 GMT
Last-Modified: Sat, 10 Dec 2022 07:55:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
www.99hookups.com/8365/js/magnific-popup.js
3.121.64.120 200 OK 12 kB URL HTTP/2 www.99hookups.com/8365/js/magnific-popup.js
IP 3.121.64.120:0
Hash a37c2f881af845832c079445350ccbd5
b56cb163d6cd21b085b3ff999c767c41251d901b
a1ac9ef12d519d4ea7a8c64b32a1d6830e03876179fc7f2420e4bee2212b2ead
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/magnific-popup.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: application/javascript
content-length: 12489
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "a302-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/main.js
3.121.64.120 200 OK 917 B URL HTTP/2 www.99hookups.com/8365/js/main.js
IP 3.121.64.120:0
Hash d0714f85e07e266d5aedb365a16dab2a
445a74e992569083e1665e86c6dd38f775d6fa5e
f51d7e225bed358cfecfc48c0652f043981ae10e79953226e6fcb84d0cdca9bf
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/main.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: application/javascript
content-length: 917
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "a6c-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/jquery.min.js
3.121.64.120 200 OK 30 kB URL HTTP/2 www.99hookups.com/8365/js/jquery.min.js
IP 3.121.64.120:0
File type ASCII text, with very long lines (32058)
Hash 3430607b4301113ad9394c9260eef3f0
8c4db68b161b17e31be300e968a30ab0116b3193
31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/jquery.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: application/javascript
content-length: 30138
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "15283-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6128
Cache-Control: max-age=89669
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 09:54:34 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:49:03 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 09:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 75b9a0898c2c0067e9441fe83909011e
d61f960febc0898fbce2f356e90827fad8e53864
59c438799791eafb77e8cd164493087f5cf108f28da4fa5d5ca418ce276b47c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4035
Cache-Control: max-age=169678
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 09:54:34 GMT
Etag: "63943b65-116"
Expires: Mon, 12 Dec 2022 09:02:32 GMT
Last-Modified: Sat, 10 Dec 2022 07:55:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 09:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.99hookups.com/8365/js/jquery-ui.min.js
3.121.64.120 200 OK 384 kB URL HTTP/2 www.99hookups.com/8365/js/jquery-ui.min.js
IP 3.121.64.120:0
Size 384 kB (383591 bytes)
Hash a23ffa4ea9fce673174601f31b674c3c
e11e0269aca4cf0ebe0cc10292239324eddbfd68
b92f579b8424c644f6a76ce4c73b4bc0ba35fc92b2a88bceebe7a8df7bd520b7
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/jquery-ui.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: application/javascript
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "3ab2b-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/woff2/fa-solid-900.woff2
3.121.64.120 200 OK 50 kB URL HTTP/2 www.99hookups.com/8365/woff2/fa-solid-900.woff2
IP 3.121.64.120:0
File type Web Open Font Format (Version 2), TrueType, length 50372, version 1.0\012- data
Hash 8a8c0474283e0d9ef41743e5e486bf05
1ba4dd60af529d1a72d0e57467c3bc0bbb728a4d
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
Analyzer Verdict Alert fortinet Phishing
GET /8365/woff2/fa-solid-900.woff2 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.99hookups.com/8365/css/all.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: font/woff2
content-length: 50372
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "c4c4-5eed76fe1c680"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.99hookups.com/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO
3.121.64.120 302 Found 0 B URL HTTP/2 www.99hookups.com/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO
IP 3.121.64.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/html; charset=UTF-8
content-length: 0
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.1.33
location: /newlanders/index.php/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO
X-Firefox-Spdy: h2
www.99hookups.com/newlanders/index.php/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO
3.121.64.120 404 Not Found 1.1 kB URL HTTP/2 www.99hookups.com/newlanders/index.php/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO
IP 3.121.64.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc10f358967a59750ef6fd9a698e2d60
3fc472d167c41a4193625aff84ee6e599b302002
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2
Analyzer Verdict Alert fortinet Phishing
GET /newlanders/index.php/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: text/html; charset=UTF-8
content-length: 1130
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.1.33
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.160.97.225 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.97.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Rg5BtrwzT1W/lwhtyLP2gQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CTIHz3dPyJeVY7Mle6QyTxqbWXk=
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 446582b6d8bb450513d64b057dc17740
6ed689e5ac140768c9984ef5690909255f1619df
d986ae5d905125cee19fb1c83732c2a37273acd97c9e07072c5c1cf0d86f62e0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136100
Date: Sat, 10 Dec 2022 09:54:34 GMT
Etag: "6393c7fe-1d7"
Expires: Sun, 11 Dec 2022 23:42:54 GMT
Last-Modified: Fri, 09 Dec 2022 23:42:54 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B68aWEpMacRqQlt4ukpDghYFJGViExDJVKcM0VR928U1tFnff3bGGw==
www.99hookups.com/8365/apple-touch-iconddb4.html?v=9By5Al4mbO
3.121.64.120 200 OK 113 B URL HTTP/2 www.99hookups.com/8365/apple-touch-iconddb4.html?v=9By5Al4mbO
IP 3.121.64.120:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 6c5b2506fbc238513557991cdbbacbad
242cf192558ef2ddd6632fe991d073484ef60a43
9c09b7c8795f96108cf7bb83f091b0b45fbebf55832dbd167e31567664e32d2e
Analyzer Verdict Alert fortinet Phishing
GET /8365/apple-touch-iconddb4.html?v=9By5Al4mbO HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:35 GMT
content-type: text/html
content-length: 113
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "99-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/png/favicon-16x16ddb4.png?v=9By5Al4mbO
3.121.64.120 200 OK 1.3 kB URL HTTP/2 www.99hookups.com/8365/png/favicon-16x16ddb4.png?v=9By5Al4mbO
IP 3.121.64.120:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b8be4c55f444e9ce21873703c20a36a6
6c0b08d3ee1b8d8d5f22954bd6e7cb04d6990c53
ddd1d4d315cae5c0a7c93cf642aac0532d4476e9c146e5ba3e1a44fa438f0faf
Analyzer Verdict Alert fortinet Phishing
GET /8365/png/favicon-16x16ddb4.png?v=9By5Al4mbO HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:35 GMT
content-type: image/png
content-length: 1327
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "52f-5eed76fe1c680"
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto
142.250.74.74 200 OK 610 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto
IP 142.250.74.74:0
Hash 9f1ae41aacaa0c665e41b620d358f848
4b215309ababe053ef25b896dfe223c59a9c6367
bfe16f32f4188bffecac639b1be4c5405c92a69bc319aa95e03b097184983195
GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 09:54:34 GMT
date: Sat, 10 Dec 2022 09:54:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11516
Expires: Sat, 10 Dec 2022 13:06:32 GMT
Date: Sat, 10 Dec 2022 09:54:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11516
Expires: Sat, 10 Dec 2022 13:06:32 GMT
Date: Sat, 10 Dec 2022 09:54:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11516
Expires: Sat, 10 Dec 2022 13:06:32 GMT
Date: Sat, 10 Dec 2022 09:54:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11516
Expires: Sat, 10 Dec 2022 13:06:32 GMT
Date: Sat, 10 Dec 2022 09:54:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nD0bWCjTU6LNSsNYCNqT4rt7okG1dmPPWiw4FXSi_uNWpcZnxhZgKw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:37 GMT
age: 42659
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1a13d12c326848d5b7adeb2562a35a5
d795c519ea637a213aab1d80daaf44ce5ad19069
f7b99c93b99268e1b2fa438d493cf23cd75a98833710ddd22b5278a76e9f019a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: 05f49b7c-7c76-4df4-8258-c270078d8fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctl_TH-KoAMFkWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9fb-1971e1e0359763a96b4d320b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:06:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BEsmH1BkWu_c_-qHStWD1CT1Lx1AZVcw9tnLcoGZCmnjwFWdtB7BRA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 00:10:12 GMT
age: 35064
etag: "d795c519ea637a213aab1d80daaf44ce5ad19069"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4acdd84d-55dd-4e5d-bcf3-ab9d63566335.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4acdd84d-55dd-4e5d-bcf3-ab9d63566335.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a81548132f6f176f60e4fc278114ff84
3f330d6c27242cc3d65b975ab4a1c39b08fb69de
82095572be60a13b933293fa38a956e366a854becc5532dfccbf5893366ab702
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4acdd84d-55dd-4e5d-bcf3-ab9d63566335.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7535
x-amzn-requestid: 9c904976-42b9-40c9-aefa-201f0f84358f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMUHw7IAMFSng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3a601e621f9f31c7509f4e52;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lqpcbADJan6TfJwh4c4A0pn6R11QwnLRxtyxQgFLLcCVvyVDMERfRg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:54:09 GMT
age: 43227
etag: "3f330d6c27242cc3d65b975ab4a1c39b08fb69de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F_FNF6MAvQjqQ9kTGvu8lERPdurC-ZyLWtxQ5Ezs1OBUUmejNwiQ4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:00:13 GMT
age: 42863
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 052b61a3bd1c839e1f5ce37834cad817
1fbbf8fb328a1406904d6346004e2c89c6ba2419
96dcb266eaec98f6305071598df3b49ca93234e0e8b1c8c9801a1a99d7f5c817
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7811
x-amzn-requestid: dc97f86e-a29c-4139-887a-e775a0327280
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4EH_oAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-3a38086160ac180b3f8cf5d8;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TM_0Q_GmJDuXth6JpRvm_JAZXwT-xFZEjzuMeIzfzBu1J5jQ_Tng9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:25 GMT
age: 43271
etag: "1fbbf8fb328a1406904d6346004e2c89c6ba2419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a164807db41edd8da259af2cec18b328
99f89631065869ff2f25762feb2f39af108b5ed8
400c635040d3d141ec35237e64380b7cd1ba02016a90e36e8376afc41a14cb0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3357
x-amzn-requestid: 860c993a-e391-474a-b306-064c0faabc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eLwFaSoAMFwfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4b-30dcd029382c1d825f2a0791;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -MI_dPaTXZPndQzYo2R9p-UiDQNyRh76-XU2fhwjXyKiTVRLjNc3fQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:04 GMT
etag: "99f89631065869ff2f25762feb2f39af108b5ed8"
content-type: image/jpeg
age: 42632
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.99hookups.com/8365/jpg/02.jpg
3.121.64.120 200 OK 211 kB URL HTTP/2 www.99hookups.com/8365/jpg/02.jpg
IP 3.121.64.120:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1403, components 3\012- data
Size 211 kB (211150 bytes)
Hash c05ba08d5920283a9406326e4b746403
72907f01dfd875ac91a3b4c39290340a001e5729
4ea8b15b0e28bb505acf8e33f69cd99d54f461434335bb806b6e89b3fb2d2d7e
GET /8365/jpg/02.jpg HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/css/sexy01.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:40 GMT
content-type: image/jpeg
content-length: 211150
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "338ce-5eed76fe1c680"
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ccbd106eb57e1a4f6d60408118fe2dd
cc916150425f00b44ede3ec473e3e248afabaf8d
740c62dfdd20f2fb7270ea602825ba7eaad99c4fe5ab8d726072909c6b73c87f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: a740ddf7-5325-4ac1-a694-aaa3d4345fe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNUGIroAMFdlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-08856c7b0757108a5c6811c9;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUoiKVdDbKhNYwvJrsKp8RbC8Otq3ClQEmIx-HDe4wQYYompXjy2Yw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:44 GMT
age: 42598
etag: "cc916150425f00b44ede3ec473e3e248afabaf8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.225.52 200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.225.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 798
expires: Tue, 13 Dec 2022 09:54:34 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7775199568870afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/mdb.min.js
3.121.64.120 200 OK 0 B URL HTTP/2 www.99hookups.com/8365/js/mdb.min.js
IP 3.121.64.120:0
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/mdb.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=760e99713e9e4b82b29b7d007685904b&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 09:54:34 GMT
content-type: application/javascript
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "6624d-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2