r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4805
Expires: Thu, 02 Feb 2023 21:12:03 GMT
Date: Thu, 02 Feb 2023 19:51:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5195
Expires: Thu, 02 Feb 2023 21:18:33 GMT
Date: Thu, 02 Feb 2023 19:51:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 19:43:31 GMT
content-type: application/json
age: 508
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20575
Expires: Fri, 03 Feb 2023 01:34:54 GMT
Date: Thu, 02 Feb 2023 19:51:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OHGyUnDoUwtoERO3R6wR9eGI5EhzQZTs5GERffi169Lo/FJAiSRfdvpu5/36GSeZRuuZ+T8zAOiTgvWmN5r7mg==
x-amz-request-id: AQNWHFSGNGEB3ZAG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 19:23:14 GMT
age: 1725
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 19:51:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 19:07:19 GMT
age: 2680
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.toptools100.com/cgi-bin-py/catchyoutube_mini_report.cgi?channel=Q05FVF9nbF9NS1RfYmFubmVy&userid=ZDQwYWQyMmM2ZmM3YmIyYTAyZGE0MDY3ZGY2N2NiNTg=&type=YWN0X3htbF9mYWlsZWQ=&mini_version=MS4wLjAuMTE=
200 OK 2.3 kB URL HTTP/1.1 www.toptools100.com/cgi-bin-py/catchyoutube_mini_report.cgi?channel=Q05FVF9nbF9NS1RfYmFubmVy&userid=ZDQwYWQyMmM2ZmM3YmIyYTAyZGE0MDY3ZGY2N2NiNTg=&type=YWN0X3htbF9mYWlsZWQ=&mini_version=MS4wLjAuMTE=
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (626)
Hash d789998ee26b80ba2a8c16a9c307638f
99ebdff8ee6baf029514754918d8408244c24b72
68108f6e51823da818933776371c8e4f845d500b69aa02dab491e618d0af28f5
GET /cgi-bin-py/catchyoutube_mini_report.cgi?channel=Q05FVF9nbF9NS1RfYmFubmVy&userid=ZDQwYWQyMmM2ZmM3YmIyYTAyZGE0MDY3ZGY2N2NiNTg=&type=YWN0X3htbF9mYWlsZWQ=&mini_version=MS4wLjAuMTE= HTTP/1.1
Host: www.toptools100.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 19:51:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2391
Expires: Thu, 02 Feb 2023 20:31:50 GMT
Date: Thu, 02 Feb 2023 19:51:59 GMT
Connection: keep-alive
www.toptools100.com/page/bouncy.php?&bpae=GbhGtKvmvUx797vv%2FSrQd0%2FZEHbNvS2QvsY1GslqLH5P41bkY4iPMjyDoN%2BZPBRRitz15WfNFBZJX4w597G5yTvEeOwt5HmXh6xAacD4804BDxdLnA825frKPzhVAYeuUOFy4RXn1g57SyxG6nFBlh50%2BGVIPwyinW2uPK8dj9T01kI17UBAgcW55x3jUgLuXGH9um3u62FEIn%2BjNnIKgxcm%2FW40JflkHV%2F8bKhRiUVYGZI50X1rUDuMUUXrT3On8RhZ7T0G5hkUxNSCdHKxRZYCY%2BYCv0WjdALIgvDJPYTS%2FYipg0Rz44e7PWnEyc9HA6o%2BfD7bqZsR2N1wFWL2Me6pkHXpDBTv5I1hGDrxg6Zv4TncVaP3ZM4uLeQWTICFd7v2MjgAqtPf2VG5hPGOcVaQB2pO6DTnq73QQzmJAUzQHJeKjhZTYpujocuBwfl79Da2EhXZ7vsE59kmVkiOMq9dERhBuKmUNkdnshfek2Xc7QrIGXOxv4RMQon4hw%3D%3D&redirectType=js&inIframe=false&inPopUp=false
200 OK 982 B URL HTTP/1.1 www.toptools100.com/page/bouncy.php?&bpae=GbhGtKvmvUx797vv%2FSrQd0%2FZEHbNvS2QvsY1GslqLH5P41bkY4iPMjyDoN%2BZPBRRitz15WfNFBZJX4w597G5yTvEeOwt5HmXh6xAacD4804BDxdLnA825frKPzhVAYeuUOFy4RXn1g57SyxG6nFBlh50%2BGVIPwyinW2uPK8dj9T01kI17UBAgcW55x3jUgLuXGH9um3u62FEIn%2BjNnIKgxcm%2FW40JflkHV%2F8bKhRiUVYGZI50X1rUDuMUUXrT3On8RhZ7T0G5hkUxNSCdHKxRZYCY%2BYCv0WjdALIgvDJPYTS%2FYipg0Rz44e7PWnEyc9HA6o%2BfD7bqZsR2N1wFWL2Me6pkHXpDBTv5I1hGDrxg6Zv4TncVaP3ZM4uLeQWTICFd7v2MjgAqtPf2VG5hPGOcVaQB2pO6DTnq73QQzmJAUzQHJeKjhZTYpujocuBwfl79Da2EhXZ7vsE59kmVkiOMq9dERhBuKmUNkdnshfek2Xc7QrIGXOxv4RMQon4hw%3D%3D&redirectType=js&inIframe=false&inPopUp=false
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash adbe2dcd88e410d6bad039379ad19a72
5d122805d01b7099153338663e0b4be5a38e030d
fdeaddd087b124b34a3a4c9971ceb54bd2532c52c08f92acdd5833f7788075cf
GET /page/bouncy.php?&bpae=GbhGtKvmvUx797vv%2FSrQd0%2FZEHbNvS2QvsY1GslqLH5P41bkY4iPMjyDoN%2BZPBRRitz15WfNFBZJX4w597G5yTvEeOwt5HmXh6xAacD4804BDxdLnA825frKPzhVAYeuUOFy4RXn1g57SyxG6nFBlh50%2BGVIPwyinW2uPK8dj9T01kI17UBAgcW55x3jUgLuXGH9um3u62FEIn%2BjNnIKgxcm%2FW40JflkHV%2F8bKhRiUVYGZI50X1rUDuMUUXrT3On8RhZ7T0G5hkUxNSCdHKxRZYCY%2BYCv0WjdALIgvDJPYTS%2FYipg0Rz44e7PWnEyc9HA6o%2BfD7bqZsR2N1wFWL2Me6pkHXpDBTv5I1hGDrxg6Zv4TncVaP3ZM4uLeQWTICFd7v2MjgAqtPf2VG5hPGOcVaQB2pO6DTnq73QQzmJAUzQHJeKjhZTYpujocuBwfl79Da2EhXZ7vsE59kmVkiOMq9dERhBuKmUNkdnshfek2Xc7QrIGXOxv4RMQon4hw%3D%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: www.toptools100.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.toptools100.com/cgi-bin-py/catchyoutube_mini_report.cgi?channel=Q05FVF9nbF9NS1RfYmFubmVy&userid=ZDQwYWQyMmM2ZmM3YmIyYTAyZGE0MDY3ZGY2N2NiNTg=&type=YWN0X3htbF9mYWlsZWQ=&mini_version=MS4wLjAuMTE=
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 19:51:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RheEgoY2/C1zI+Z/4onQzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sdn4sbdbQSv1SyWCQOzs30YD3BQ=
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 99c4075f437b9f672ac0d7494e97d943
884f88051811cded71063926f84fa0393ec02cb3
a7afb3990d8c22c0c4376d413d08fcb91c525926717b90ac56f73b83c4e1ef58
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102245
Date: Thu, 02 Feb 2023 19:52:00 GMT
Etag: "63daec52-1d7"
Expires: Sat, 04 Feb 2023 00:16:05 GMT
Last-Modified: Wed, 01 Feb 2023 22:48:50 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: moX3C1iiG4-wIt9BmWhRNhViaM4D_8EMOp45C9lrI--V-TOR0JMqaw==
Age: 5235
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dwn3ng344llp3rjbmi03t0k4u&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=0df0ae10-a333-11ed-8fca-0a4d10374a4b&cid=wn3ng344llp3rjbmi03t0k4u&rt=R
302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dwn3ng344llp3rjbmi03t0k4u&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=0df0ae10-a333-11ed-8fca-0a4d10374a4b&cid=wn3ng344llp3rjbmi03t0k4u&rt=R
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dwn3ng344llp3rjbmi03t0k4u&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=0df0ae10-a333-11ed-8fca-0a4d10374a4b&cid=wn3ng344llp3rjbmi03t0k4u&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 19:52:00 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wn3ng344llp3rjbmi03t0k4u
pragma: no-cache
set-cookie: cc-v4=Ksg0FmW4HHOh1rZkwTA9Ov3TOrRgnyXalktK0ISgEGfU2XIkilBgjjzhK9QB7oKacqit76AWaHW5TRAVMpPdDKSBEcsVPiLD15N8NGwyNF6EA31%2F0UVScHcI5qnIEbr0tGrepICJ8imEzmv3AFKzdA%3D%3D; Max-Age=31536000; Expires=Fri, 02-Feb-2024 19:52:00 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
alia-iso.com/favicon.ico
404 Not Found 653 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcredirect?visitid=0df0ae10-a333-11ed-8fca-0a4d10374a4b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 02 Feb 2023 19:52:00 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: mqovROYi
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18888
Expires: Fri, 03 Feb 2023 01:06:49 GMT
Date: Thu, 02 Feb 2023 19:52:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18888
Expires: Fri, 03 Feb 2023 01:06:49 GMT
Date: Thu, 02 Feb 2023 19:52:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18888
Expires: Fri, 03 Feb 2023 01:06:49 GMT
Date: Thu, 02 Feb 2023 19:52:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 77423
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 77423
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:54:58 GMT
age: 79023
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86664b4d1fc27ba7b5bff8a245604326
b8c7ef73101a497b6c78ad59aafe66a391fdc3fa
e4596faadf14051299036a79632951d90183dd0635293687edef11985799a752
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4814
x-amzn-requestid: 90da23ab-2c54-40ec-8e26-bdf4eeb1e27b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKWFpvoAMFyPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-70c4cb89413ed6bd44731d76;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: axFfTgcGtvqt1RcbyLpovD5Fr7J2Wx9pNwb92m2rwTdj-sGp0bIq-Q==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:10 GMT
age: 78771
etag: "b8c7ef73101a497b6c78ad59aafe66a391fdc3fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 77423
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:16:08 GMT
age: 45353
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
IP
Hash aa7c3a9565863516e8bca0fe9f590eda
0844bdde672fb39ef2582abd96473f79bccde783
6262c4ab65b7e8be0539427f82a0fb6396c1323ba5678587aabc89c69c046c27
POST /s/gts1p5/1qjPNXlPzIY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 19:52:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
IP
Hash aa7c3a9565863516e8bca0fe9f590eda
0844bdde672fb39ef2582abd96473f79bccde783
6262c4ab65b7e8be0539427f82a0fb6396c1323ba5678587aabc89c69c046c27
POST /s/gts1p5/1qjPNXlPzIY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 19:52:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa8hmcl&sub2=34496&sub3=21&sub4=s8hnpa8hmci&sub5=38577&sub6=156696&sub7=frd&sub8=
302 Found 0 B URL HTTP/2 m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa8hmcl&sub2=34496&sub3=21&sub4=s8hnpa8hmci&sub5=38577&sub6=156696&sub7=frd&sub8=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=34496&offer_id=5246&sub1=s8hnpa8hmcl&sub2=34496&sub3=21&sub4=s8hnpa8hmci&sub5=38577&sub6=156696&sub7=frd&sub8= HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 19:52:01 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63dc146188d6b300013f166f&s4=34496
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63dc146188d6b300013f166f; expires=Fri, 02 Feb 2024 19:52:01 GMT; secure; SameSite=None
afoffers={"5246":1675367521}; expires=Fri, 02 Feb 2024 19:52:01 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klyiXbWHMiPM9tXj%2FoiWtgiAWr4YQq4TPQ0hjU3kjdHLTsVs5RVggmtn7wYeZoWi04pbB9a1Iu1tVf%2BliISb6fZUklmCd9dRv%2FvclsEJieenJ9iz2e90EZDi8MHGYMGgSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793577003800b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 615fdfeb5ae2be2491d01ff399de75b0
c4ac8bf4ddfc865292e36e28c1ec13bb3e9f915b
c7eaa9bf3d6956a0dfeecc0946c4d5b014b1b8651969cf30899595bd76f2a64e
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 19:52:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 18:32:24 GMT
ETag: "c4ac8bf4ddfc865292e36e28c1ec13bb3e9f915b"
Last-Modified: Thu, 02 Feb 2023 18:32:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7935770138d8b52d-OSL
meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63dc146188d6b300013f166f&s4=34496
302 Found 270 B URL HTTP/1.1 meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63dc146188d6b300013f166f&s4=34496
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0ff54cd4d852888aa33808c4cdfb13e2
9758087dec3f5c4a93f46ed0ef753b718b3f15e2
0d17a7f2f01e76e0865c45b9361435fe4a0cc2ac340d9b356a9c5912056e3233
GET /?a=16295&c=43694&p=r&s1=&s2=a_63dc146188d6b300013f166f&s4=34496 HTTP/1.1
Host: meshho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 270
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Feb 2023 19:52:01 GMT
Location: https://toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63dc146188d6b300013f166f&s4=34496&ckmguid=e3e61c25-abbb-45c1-9d1a-6829f609f107
Connection: close
ocsp.globalsign.com/alphasslcasha256g4
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP
Hash 9dd6ffee53c2448b3743b7698e7aad35
de37617328d3012c067ad4f4993f1121366bacc7
d8c138d8514be656361dc88b475490b3af32e8258114ebbe2e9f11e0f09af143
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 19:52:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 17:38:24 GMT
ETag: "de37617328d3012c067ad4f4993f1121366bacc7"
Last-Modified: Thu, 02 Feb 2023 17:38:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793577055f6db51e-OSL
toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63dc146188d6b300013f166f&s4=34496&ckmguid=e3e61c25-abbb-45c1-9d1a-6829f609f107
302 Found 234 B URL HTTP/1.1 toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63dc146188d6b300013f166f&s4=34496&ckmguid=e3e61c25-abbb-45c1-9d1a-6829f609f107
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1415c91268345cfed608cea71c940d5d
7f079cfa87d8bbbd47cf6623ebf2277c63119d8d
d84ae5f300005b979f9c9d57f57b4e68678dcec925665d37bbef2673481cf8b1
GET /?a=16295&c=43694&p=r&s1=&s2=a_63dc146188d6b300013f166f&s4=34496&ckmguid=e3e61c25-abbb-45c1-9d1a-6829f609f107 HTTP/1.1
Host: toomoffr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Feb 2023 19:52:02 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-743286436&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=aNeqvtiGKuETyrKNsMQJsfLDe+EZectZknZ3axFQAPLhFbZkdBVEnw==; domain=.toomoffr.com; path=/; HttpOnly
trk=lJHK1wCPDjnINu1SGwdkkvLDe+EZectZknZ3axFQAPLhFbZkdBVEnw==; domain=.toomoffr.com; expires=Sun, 02-Feb-2025 19:52:02 GMT; path=/; HttpOnly
c36197=aNeqvtiGKuEc7Tn7S0WlWauH+ZP5RjRUcjCc49RqGnBeCUghiDE1Zg==; domain=.toomoffr.com; expires=Sat, 04-Mar-2023 19:52:02 GMT; path=/; HttpOnly
Connection: close
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-743286436&source=16295&sum=
302 Found 0 B URL HTTP/2 bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-743286436&source=16295&sum=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-743286436&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 19:52:02 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/EN3/n.php?cep=3UXRFxGIaVpf3j-FpO4PrqNQbrxxYaJ-ojJ5Xc7MhVGrfsGbXKuLWM7j9iSg3orfouBy4N65MkT31p9OB7xv1WY30SU7bTnmHHKgWIcWF7lPMWqchFojBB-oK6uQBNr2QfaGiBttW_c0zjU3GaRdrliWliOveOsR5xfgo9hgoN8hl4Ql0tgycSrf363j5mjstgtXq69tNTUci-eVI5uEkHt3G2pJuWnXM4NhC5qAlHziwTVQSPTFCo5XeRnWiEOiIs659X7JUzYMkIQjjcV109VERTe7xLjhUqKRfjgynXkQUAgxT-5PhJmsB1gLrqxhhFFrJ-ZwJx8EAo-zSSayIwdmxrG4p-DBfuWGu-33rEfDY3znfXJIP2Tzegt0R9m4QkkvS6KJyN5-bFalewR488xvmW_svLBe9kvPaZ-3tTA&lptoken=164875f03670934d2294&external_id=36197-743286436&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=4pb8pRcic41xt1BjLvPk6SDUF_BhWyyIkD4XZyxZTNw; Max-Age=86400; Expires=Fri, 03-Feb-2023 19:52:02 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=13i_WeRgfk4h09s3cv40eyKDgVPkyFatuzWwIQtbA50IZDbhH3kU-f5M6TrPgT7Pq-QSYFjK8wfrszDjWfSaw0z_Bxelj7pH-JRpTTMy3dnljIitunl4qQDzqft0n5Csry1O_Elp8pEAqvyJuFSZlURutIYkwcYY_WpgYVJi_GDvFtRFL1nwKkuvRkaB2mM8Q4kT22vX9r6-oWHNHL05ZQGb41aiJi6uQ1Tdh3i2ZnnJHTWaFUzc3hQP9LUMRdGuurWfSRSLu5l5HzcHj-Hxfv0rkH8DS508ygoLLWbCqKqcnxwbbznql1f8v834reliY09YM00MwHvf3P8y86TZNJnAgihWD0f_QQjF08nHQeWwohnYnVQXY399NV4A1J3KdRDx4PT2KP2ojEpW9CVgxH88Orx2GjV4cNtKRTdl234; Max-Age=86400; Expires=Fri, 03-Feb-2023 19:52:02 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/QsXoNUJjkNc
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QsXoNUJjkNc
IP
Hash 702699daf1764ad266d42dfb367173fb
c19e852790d283faa9c6878a3130455887488c0e
493ad1f9678d47d5623a8bc420f415708c98a420c5e9c7fb5cd13e51c9fe15a8
POST /s/gts1p5/QsXoNUJjkNc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 19:52:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mycasualhookups.com/sl/html/EN3/js/functions.js
200 OK 12 kB URL HTTP/2 mycasualhookups.com/sl/html/EN3/js/functions.js
IP
File type ASCII text, with very long lines (11875)
Hash 103c05ce460ba983d06a0c643f685575
66104479472fbb835f21a962b1721e6dc58c16ac
34effdb7f91628d6f57b2e42067b33f6b2ef113ff1d2006f6fcfa3898ec2a776
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/EN3/js/functions.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=52042
expires: Fri, 03 Feb 2023 05:53:45 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 50298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpHw6HIJoQtq%2B5SlBJFcjhzvNS%2Fvu8hIC82E4CniG2HcRz2YCNPtf7Ql6fwbPtmjQj6xPU3b1Duk9t8sV3ROAn6laTuiGvnHWhQwM%2F%2FnxnFq1fJvAIDiyn1teHC6V7RMerPqUD4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770d0f6cb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP
Hash 47c43bf11e055f2b8eac896e03300f85
c06ded15f9acbac7dab6e7f84edbbbbf90254bd6
a3c79bee8fbce696679acca68d73ae286baa42c66138b7776434b946a4bb42ff
POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 19:52:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mycasualhookups.com/sl/html/EN3/css/style.css
200 OK 2.6 kB URL HTTP/2 mycasualhookups.com/sl/html/EN3/css/style.css
IP
File type ASCII text, with very long lines (9493), with no line terminators
Hash 67dd7eeb13778098ea9055b66cd61fe6
28fbb2511a6b29691e9d51b895847dfb60aab9c9
718fa5a0f54191089cd5fde21c6c802f184e0bafe1e1417272954109e06e6b3f
GET /sl/html/EN3/css/style.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=13343
expires: Fri, 03 Feb 2023 14:18:18 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 20024
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxZBXWoXVWvzPeW3bUd3ZWw27WW6kPZtzjhv7kEWj%2F28TL0YJpIVRLf%2BOyh2OvV4fNGuhNKp%2FLOn9acIBv3We3KvXKhGmP48CUdJskLG4NxmODxagOA4Ok8lSUAlk3tqNrk%2BdwM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770cef14b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP
Hash 47c43bf11e055f2b8eac896e03300f85
c06ded15f9acbac7dab6e7f84edbbbbf90254bd6
a3c79bee8fbce696679acca68d73ae286baa42c66138b7776434b946a4bb42ff
POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 19:52:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
200 OK 205 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (17654)
Size 205 kB (204930 bytes)
Hash 1ac7e15fcd2a9fb20d761b5b04a27052
ee5238bfe204a6145c6f2417668c9c8768bbe1a7
b446488a9246bb0261458863cb80c3701933ee34e2590f2f145fe5511ac90786
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Fri, 03 Feb 2023 08:48:28 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 39815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjZoyxZbHsVvFYY5Z6NVwCNDk2e%2BMEQcsS54IfdXNQCaeVjReVY1Z06dVY63hbS18dV6ESxqtfhY6nyRysovivUaf42wa8duEh6Aq%2F1vLaq9oQW%2FKsnRmPE5pR9%2BDkr3HRdseGc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770cef1fb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/images/m3.jpg
200 OK 21 kB URL HTTP/2 mycasualhookups.com/sl/html/EN3/images/m3.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x400, components 3\012- data
Hash c698f5bab1daf1f3745ff2b31e4b5dc3
a175e04604ee3fd474d9818f52f193ff3e7784a0
672edb2ed70499efa3d65fc0eead7f24337897b874228c230c78c334c3ac0cb4
GET /sl/html/EN3/images/m3.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: image/jpeg
content-length: 20890
cache-control: max-age=86400
cf-bgj: h2pri
expires: Fri, 03 Feb 2023 14:18:19 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 20024
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baH9l4fUFgOTJGMIVLC2Pvn5oEK6kBn%2BNZSNFWdZ8uHF985MXizR9GqAfqnPPqWy86U6xH%2FSNhwRA%2BwI%2BBo0Z3qKl0TdkGiN8swla789CVcD7ElTdsqXhUsLnQUUQUeX%2FHJZm2A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793577107cfeb527-OSL
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/images/m2.jpg
200 OK 209 kB URL HTTP/2 mycasualhookups.com/sl/html/EN3/images/m2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x844, components 3\012- data
Size 209 kB (208569 bytes)
Hash 2b4a576f2fd3533b65ff859c612c57d7
d91fa21923d27e32ad46d3698af4b7121fc8ec75
cbb4208d304cb9217350f46c8365e2fa0e6892f0e72263f94bd28e6a70623600
GET /sl/html/EN3/images/m2.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: image/jpeg
content-length: 208569
cache-control: max-age=86400
cf-bgj: h2pri
expires: Fri, 03 Feb 2023 14:18:19 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 20024
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhwaLUy03Igs%2BE29%2Fdf2PEj5euH7X3buOy7fwPqu5k%2FD88pI%2BOtzzK3hGP8ZtUpgbzv9YXY1fw7Fo2S8WnAqprltem4RWJrvgv2C8suAYZrMX%2Bjs%2B3KNHCuccFIerHg3gZK4a34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793577107cfdb527-OSL
X-Firefox-Spdy: h2
app.api-push.com/get-keys
200 OK 142 kB URL HTTP/2 app.api-push.com/get-keys
IP
File type JSON data\012- , ASCII text, with very long lines (2116), with no line terminators
Size 142 kB (142051 bytes)
Hash 8fcfebf7e7b2be5be1c1abdbb01cf5e9
8eed4580a8b3da329b8514794f98707e1d00786f
78f2076d5b3f4e84fda09ade4dc6a8c268dd3e8ed81d848690dd5a79fae96ad8
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/EN3/n.php?cep=3UXRFxGIaVpf3j-FpO4PrqNQbrxxYaJ-ojJ5Xc7MhVGrfsGbXKuLWM7j9iSg3orfouBy4N65MkT31p9OB7xv1WY30SU7bTnmHHKgWIcWF7lPMWqchFojBB-oK6uQBNr2QfaGiBttW_c0zjU3GaRdrliWliOveOsR5xfgo9hgoN8hl4Ql0tgycSrf363j5mjstgtXq69tNTUci-eVI5uEkHt3G2pJuWnXM4NhC5qAlHziwTVQSPTFCo5XeRnWiEOiIs659X7JUzYMkIQjjcV109VERTe7xLjhUqKRfjgynXkQUAgxT-5PhJmsB1gLrqxhhFFrJ-ZwJx8EAo-zSSayIwdmxrG4p-DBfuWGu-33rEfDY3znfXJIP2Tzegt0R9m4QkkvS6KJyN5-bFalewR488xvmW_svLBe9kvPaZ-3tTA&lptoken=164875f03670934d2294&external_id=36197-743286436&source=16295&sum=#p#
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ir5tGNNX3DSE8bs3oKVke2uI2uZ0wVz638taDjkr9WqLKVtZyz22HXkDdIwjByix2AyDE2LjDVezqd6aE9yqa7n%2B6Wte03tauXcPbhEnlHKk4lXIMGN6Y1DKCEw%2FmUbPVf4s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770fab1671b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/main.js?1675367523
200 OK 5.0 kB URL HTTP/2 mycasualhookups.com/sl/common/js/main.js?1675367523
IP
Hash 433c0c85b4fc035483ba4453d731bb2f
286eb07e3effcb294d0aa5e7d17a3dd01ddbb5d2
44aef039ccf01ed82159a0179737423c8e0f3f06d2aa2a861252e371202f8878
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/main.js?1675367523 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Fri, 03 Feb 2023 19:52:03 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwARRLqEdiOU8wco1R%2FZo6ZGZAZ31FSriUQxoEtmtCoDh8rEctMh5Ugqa%2F2gaSNFzSxzcIAZUyJmFPdz3FbrddAPai9gSN22CrYijE4Ewvdc10p8I5E0AHi4eBAtSzmAzZ4IxSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770d0f6bb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
200 OK 5 B URL HTTP/2 subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/EN3/n.php?cep=3UXRFxGIaVpf3j-FpO4PrqNQbrxxYaJ-ojJ5Xc7MhVGrfsGbXKuLWM7j9iSg3orfouBy4N65MkT31p9OB7xv1WY30SU7bTnmHHKgWIcWF7lPMWqchFojBB-oK6uQBNr2QfaGiBttW_c0zjU3GaRdrliWliOveOsR5xfgo9hgoN8hl4Ql0tgycSrf363j5mjstgtXq69tNTUci-eVI5uEkHt3G2pJuWnXM4NhC5qAlHziwTVQSPTFCo5XeRnWiEOiIs659X7JUzYMkIQjjcV109VERTe7xLjhUqKRfjgynXkQUAgxT-5PhJmsB1gLrqxhhFFrJ-ZwJx8EAo-zSSayIwdmxrG4p-DBfuWGu-33rEfDY3znfXJIP2Tzegt0R9m4QkkvS6KJyN5-bFalewR488xvmW_svLBe9kvPaZ-3tTA&lptoken=164875f03670934d2294&external_id=36197-743286436&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:04 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWJuQMVPeblep7YfCMyVNrgUd%2F6VOuTgAbrU6woPOSDjJ7Y%2FE6Ltlc0k5PlUxIztGHdEpfWeWuuqTf1TV%2FP82Z01fvqs6tX9X4Xm9%2Fw3cVv%2BiRx%2BmqsfeoYdeGkdebULwOdvsUCfP19m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79357713880471b1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/EmMTM2F0_rU
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/EmMTM2F0_rU
IP
Hash 6e88caf59a28d0336efacdf63dd45e7f
e10cc32e0f28d2f42ba3c80d56cebc5dbf7c8d61
a4bfec978ba7ad02dd4774640f68a31fba5db3e2bde093ffa797f7346cdf9207
POST /s/gts1p5/EmMTM2F0_rU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 19:52:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjam.com/cdn/sdialog.min.css?_=4
200 OK 1.8 kB URL HTTP/2 cdnjam.com/cdn/sdialog.min.css?_=4
IP
File type ASCII text, with very long lines (6775)
Hash d3a2efed6787d4b9bc66d5a0a2e8ca46
c189356f5c69728c1dc8be56bdebcee3cfa31f7b
727cc379850c5ac68ae0862ce81cb8348dec5084ea82a4f878ab7b0cf48390ab
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:05 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 2810
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElnsAvjxm3mmFVBLsZ47hYvP444bbXBl6Lyf2c11ViSMfZ2IN%2BB3GcAOQOct2D4yNSMo%2FuUt%2B55NkGQknUywkV2X6e1RBMtlC7srHRo3HbWB%2BHG5rna4SZopLmEm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935771c7dfbb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 78857
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
alia-iso.com/zcvisitor/0df0ae10-a333-11ed-8fca-0a4d10374a4b/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
200 OK 0 B URL HTTP/2 alia-iso.com/zcvisitor/0df0ae10-a333-11ed-8fca-0a4d10374a4b/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
IP
GET /zcvisitor/0df0ae10-a333-11ed-8fca-0a4d10374a4b/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51 HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.toptools100.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:00 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: eBdDWnnO
X-Firefox-Spdy: h2
winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wn3ng344llp3rjbmi03t0k4u
302 Found 0 B URL HTTP/2 winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wn3ng344llp3rjbmi03t0k4u
IP
GET /Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wn3ng344llp3rjbmi03t0k4u HTTP/1.1
Host: winandlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 19:52:01 GMT
content-type: text/html; charset=UTF-8
location: https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa8hmci&sub1=38577&sub2=156696&sub3=frd
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa8hmci;Expires=Sunday, 05-Mar-2023 19:52:00 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQwODI5NFwiOjE2NzUzNjc1MjAsXCIzMFwiOjE2NzUzNjc1MjB9LFwiY2FtcGFpZ25zXCI6e1wiMTU2Njk2XCI6MTY3NTM2NzUyMCxcIjFcIjoxNjc1MzY3NTIwfSxcInRpbWVcIjoxNjc1MzY3NTIwfSJ9.IND6l9Assv1jS-9wTdFmA5qYT2sM6r24iCIlQPnp5pU;Expires=Saturday, 07-Mar-2076 15:44:00 GMT;Max-Age=1675453920;Path=/
_token=uuid_s8hnpa8hmci_s8hnpa8hmci63dc1460e2ca18.52912008;Expires=Sunday, 05-Mar-2023 19:52:00 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jq0lQDsn2HKY4SGqyqxE3JC%2FhAk%2F%2F1loUsPbcitcsuNQRKBMf03jItoQ4kZSl9VAbi05FZDo0%2FNGkNGltS%2FrgvkcTx9kI3ADeYIaohngnDsYmhJfhzosSHiXXvG2coNwsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793576fd1a8cb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa8hmci&sub1=38577&sub2=156696&sub3=frd
302 Found 0 B URL HTTP/2 hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa8hmci&sub1=38577&sub2=156696&sub3=frd
IP
GET /btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa8hmci&sub1=38577&sub2=156696&sub3=frd HTTP/1.1
Host: hotloveland.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 19:52:01 GMT
content-type: text/html; charset=UTF-8
location: https://m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa8hmcl&sub2=34496&sub3=21&sub4=s8hnpa8hmci&sub5=38577&sub6=156696&sub7=frd&sub8=
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa8hmcl;Expires=Sunday, 05-Mar-2023 19:52:01 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2NzUzNjc1MjF9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjc1MzY3NTIxfSxcInRpbWVcIjoxNjc1MzY3NTIxfSJ9.7tcr0XmqpvlUtuAKUNIJANODw0uZDjk7IO1rOWtbM1o;Expires=Saturday, 07-Mar-2076 15:44:02 GMT;Max-Age=1675453921;Path=/
_token=uuid_s8hnpa8hmcl_s8hnpa8hmcl63dc14613e3060.29244516;Expires=Sunday, 05-Mar-2023 19:52:01 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Q5wBqSBWMx99iKGWJTPDD9C91Vj108TfryJXlxvWOWTUE%2FlNY42%2BH9CdVBd5jRAPCdBFCQFC3F3v9kRKP%2Bczk0Ds%2Bv9gHgT1jdxCEwR38BxAj0D2%2BIsWfHrOtNfFUt63yM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793576ff5ea70b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/cookies-policy.html
200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/cookies-policy.html
IP
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/cookies-policy.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:04 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Thu, 02 Feb 2023 19:57:04 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6OY14%2BOhOpYruJJKV82tSBpLH4knHthzYtgW4VllW0AYMUkPIZIMPV0UvAK9npsX54PQ0oqFhiF%2FClvQI3b52MeN%2BRYofv6uXQc1j%2BbW4hhkadNXNHRGOsIT2BMspaUzGfc0wc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793577106cf3b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/common-langs.js
200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/common-langs.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Fri, 03 Feb 2023 08:48:28 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 39815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjeeHDdC57vxg%2FG7j%2BR0Jx9fT4ZWlNcR2KGfDilUp7HO2k%2F4pUmpk2idCC6IQZfcck6ot%2FvTsEsDh7VwAy2ru2UoQizSFOeFx9SWhNf0MOQ7rfFPlZp0wfXDn%2FsvUVMl3msUY%2BI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770d0f6ab527-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/css/style.css?1675367523
200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/css/style.css?1675367523
IP
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/css/style.css?1675367523 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Fri, 03 Feb 2023 19:52:03 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zArh%2F4L%2B2ejE%2FfLUwqfNn8j64qhAG1DDl%2FVc9nztFsxyYM5QFdSiZW1FvhyHp43W%2BDnGV6tMSVjumy7uwAaKfeQqi3nhbDO6H7gPWZsd%2Buqk8Qxx7bGqKBjVME7rJd8VJqiAtzw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770cef17b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Fri, 03 Feb 2023 08:48:28 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 39815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qZ5YeR31NaAJle%2FY7YcZLNZieqNkucBwi7FxZFQC%2BW6kFFi10rJwNvfrBDmggaQHxlpYjH0Y4AM3RBQX%2FMFcgLNwz%2FoJc5%2B3bZUa5TAtumyLhQNgsy77unSUwyZtIEYLD10UTI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770cef1bb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/js/langs.js
200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/EN3/js/langs.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/EN3/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=38889
expires: Fri, 03 Feb 2023 14:18:18 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 20024
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmMRXtEhQl6J08AsyS%2F97MTE%2FJfYaBCXCHTUmiu4qsl4ZyQ0bzV%2F1zcFZII5zh4za8kEHxGq84djb8PQcrwFzz%2B%2BlPeFVJN8pmcaU%2F3gOxyFxkz8218tKyTCmIuUC5xcPCjnFJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770d0f65b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/js/config.js
200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/EN3/js/config.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/EN3/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Fri, 03 Feb 2023 05:53:45 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:26:18 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 50298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m748uYXZ0D%2B5bX2jlzAQMEpb208k9czDF7%2BEIgmXUTjJqt3qndI7Dx7F4gTQO6TPy%2F6fTAPmlkcqPpK%2FatIXLfxyEZkYQOCE8e783legQAJLsCD8rTfz8mRaPpN0MGrrcYPO%2BNI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770d0f69b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
alia-iso.com/zcredirect?visitid=0df0ae10-a333-11ed-8fca-0a4d10374a4b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
200 OK 0 B URL HTTP/2 alia-iso.com/zcredirect?visitid=0df0ae10-a333-11ed-8fca-0a4d10374a4b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
GET /zcredirect?visitid=0df0ae10-a333-11ed-8fca-0a4d10374a4b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcvisitor/0df0ae10-a333-11ed-8fca-0a4d10374a4b/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:00 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: WApdLRJy
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/n.php?cep=3UXRFxGIaVpf3j-FpO4PrqNQbrxxYaJ-ojJ5Xc7MhVGrfsGbXKuLWM7j9iSg3orfouBy4N65MkT31p9OB7xv1WY30SU7bTnmHHKgWIcWF7lPMWqchFojBB-oK6uQBNr2QfaGiBttW_c0zjU3GaRdrliWliOveOsR5xfgo9hgoN8hl4Ql0tgycSrf363j5mjstgtXq69tNTUci-eVI5uEkHt3G2pJuWnXM4NhC5qAlHziwTVQSPTFCo5XeRnWiEOiIs659X7JUzYMkIQjjcV109VERTe7xLjhUqKRfjgynXkQUAgxT-5PhJmsB1gLrqxhhFFrJ-ZwJx8EAo-zSSayIwdmxrG4p-DBfuWGu-33rEfDY3znfXJIP2Tzegt0R9m4QkkvS6KJyN5-bFalewR488xvmW_svLBe9kvPaZ-3tTA&lptoken=164875f03670934d2294&external_id=36197-743286436&source=16295&sum=
200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/EN3/n.php?cep=3UXRFxGIaVpf3j-FpO4PrqNQbrxxYaJ-ojJ5Xc7MhVGrfsGbXKuLWM7j9iSg3orfouBy4N65MkT31p9OB7xv1WY30SU7bTnmHHKgWIcWF7lPMWqchFojBB-oK6uQBNr2QfaGiBttW_c0zjU3GaRdrliWliOveOsR5xfgo9hgoN8hl4Ql0tgycSrf363j5mjstgtXq69tNTUci-eVI5uEkHt3G2pJuWnXM4NhC5qAlHziwTVQSPTFCo5XeRnWiEOiIs659X7JUzYMkIQjjcV109VERTe7xLjhUqKRfjgynXkQUAgxT-5PhJmsB1gLrqxhhFFrJ-ZwJx8EAo-zSSayIwdmxrG4p-DBfuWGu-33rEfDY3znfXJIP2Tzegt0R9m4QkkvS6KJyN5-bFalewR488xvmW_svLBe9kvPaZ-3tTA&lptoken=164875f03670934d2294&external_id=36197-743286436&source=16295&sum=
IP
GET /sl/html/EN3/n.php?cep=3UXRFxGIaVpf3j-FpO4PrqNQbrxxYaJ-ojJ5Xc7MhVGrfsGbXKuLWM7j9iSg3orfouBy4N65MkT31p9OB7xv1WY30SU7bTnmHHKgWIcWF7lPMWqchFojBB-oK6uQBNr2QfaGiBttW_c0zjU3GaRdrliWliOveOsR5xfgo9hgoN8hl4Ql0tgycSrf363j5mjstgtXq69tNTUci-eVI5uEkHt3G2pJuWnXM4NhC5qAlHziwTVQSPTFCo5XeRnWiEOiIs659X7JUzYMkIQjjcV109VERTe7xLjhUqKRfjgynXkQUAgxT-5PhJmsB1gLrqxhhFFrJ-ZwJx8EAo-zSSayIwdmxrG4p-DBfuWGu-33rEfDY3znfXJIP2Tzegt0R9m4QkkvS6KJyN5-bFalewR488xvmW_svLBe9kvPaZ-3tTA&lptoken=164875f03670934d2294&external_id=36197-743286436&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Thu, 02 Feb 2023 19:57:03 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgeA1h15ZTH1lP8v8C%2FOiW2t7Q4xNLzYlzub%2F1xUbmrslw8SAQedNyiwLOnqxfEGdYeJr6pw0VnDIc6nHwJB2YfhLUyzWNjO8GII8QCaKMWW1gJ67MIb4mAakdZgXzs9JIsIH0A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770949b4b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Fri, 03 Feb 2023 08:48:28 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 39815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRpH7Wq1G5S5SMwSkphUR1t46t%2FUJ3QEIY4m1U9cwjrlpR6LBwMDgiEUTtCXCLkB6%2BTcG91i5JUHKy8rTp8Wfcv%2Fth%2Bk1tqaJJ4HB1IZGcW4ynZoE0TUhwx1VMysdHuWcwCHZWw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935770cef1cb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-dt.fcdn.info/swpush.min.js
200 OK 0 B URL HTTP/2 cdn-dt.fcdn.info/swpush.min.js
IP
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 19:52:03 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1327888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QgUBU5EZIwb12P0B%2FO2gDhqzcE6ny6y1e8f7jslQ%2FrXt2IJlU%2BphEOx8JpsguEr9Wo%2Bkldi4Lsq9Qst9%2ByNiHft9YBhrpN85hRlS7H2MjhJiLbmDGJApTqCOy3o9qBa35RZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935770d89d07330-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
69.16.230.42
104.18.20.226
34.242.116.152
18.193.146.82
23.36.76.226