r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11332
Expires: Sun, 29 Jan 2023 09:04:48 GMT
Date: Sun, 29 Jan 2023 05:55:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13426
Expires: Sun, 29 Jan 2023 09:39:42 GMT
Date: Sun, 29 Jan 2023 05:55:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 05:43:08 GMT
content-type: application/json
age: 768
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6417
Expires: Sun, 29 Jan 2023 07:42:53 GMT
Date: Sun, 29 Jan 2023 05:55:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Efl1No6eahjjhB8Ith33fLuPGw9KsveXE3p/rImpNINXzqZfSu43qcmp2wVpyMc5F/gFGzQGYCI=
x-amz-request-id: VR2BGYW0477HVQA0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 05:50:12 GMT
age: 344
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:55:56 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
reservation.travelaffiliatepro.com/hotel/details/RTNVJKT
69.16.231.56200 OK 2.3 kB URL HTTP/1.1 reservation.travelaffiliatepro.com/hotel/details/RTNVJKT
IP 69.16.231.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (642)
Hash c11668421c6659a05b312c65c2f5e799
2e81405b4bb41a24abdf0d9fdeba89990f7515b9
c5b28f5d97e8a4de27d5e0017b74c34f93f91430d63ad41e4c26fa72c5e9ba52
Analyzer Verdict Alert fortinet Phishing
GET /hotel/details/RTNVJKT HTTP/1.1
Host: reservation.travelaffiliatepro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:55:56 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 05:49:04 GMT
age: 413
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12238
Expires: Sun, 29 Jan 2023 09:19:55 GMT
Date: Sun, 29 Jan 2023 05:55:57 GMT
Connection: keep-alive
reservation.travelaffiliatepro.com/page/bouncy.php?&bpae=GbhGt7vGtEx79rvvvfGGXGTKG%2B%2FZ41X%2FAgo1xJpGADJa%2BVLqpJ8ZWITyGmRTEaxA7qG3SJWjydZCr%2Bkw9fY%2FnmpW%2BmKveKCOryaLXvxjU28KcJ8PMOX3zGBQUU%2BHYHmvxU4%2BBjb5emx1AJmN3gHjDOsmBb0W4ok4Y2LTbTPCzRtIwkOooTcJWWEoUKHj4VYwR29jOF%2BpJ3CTBm3wtVchTtOyM9deXUfo%2F6ZjuGQjecy45329Y68gp1VSo7QsjqEWZQgkwA8blOe9wN393%2BPoanKbXfmZZLhvWfIgb%2FPBcuSQE%2Fpb2PPm8D2uXcja83DXCbWs0D8X9NOKAhVPMl81Iya8ek8tj656K1I45P1HsXMKMkwDzAXsF5mhwPz0jtUWDLaR%2B2vttxnfWjPOxPHu3PTwyYqjQeggenUGSqzDSTuc415%2BEF0R3FGi77HzfJCh4V9gZabdmR9BlUnQ75RmKZR%2FGEb70aApeOJMGBIUlsqF1yy42kFYcTBw6P0Z%2BEthrrpC&redirectType=js&inIframe=false&inPopUp=false
69.16.231.56200 OK 982 B URL HTTP/1.1 reservation.travelaffiliatepro.com/page/bouncy.php?&bpae=GbhGt7vGtEx79rvvvfGGXGTKG%2B%2FZ41X%2FAgo1xJpGADJa%2BVLqpJ8ZWITyGmRTEaxA7qG3SJWjydZCr%2Bkw9fY%2FnmpW%2BmKveKCOryaLXvxjU28KcJ8PMOX3zGBQUU%2BHYHmvxU4%2BBjb5emx1AJmN3gHjDOsmBb0W4ok4Y2LTbTPCzRtIwkOooTcJWWEoUKHj4VYwR29jOF%2BpJ3CTBm3wtVchTtOyM9deXUfo%2F6ZjuGQjecy45329Y68gp1VSo7QsjqEWZQgkwA8blOe9wN393%2BPoanKbXfmZZLhvWfIgb%2FPBcuSQE%2Fpb2PPm8D2uXcja83DXCbWs0D8X9NOKAhVPMl81Iya8ek8tj656K1I45P1HsXMKMkwDzAXsF5mhwPz0jtUWDLaR%2B2vttxnfWjPOxPHu3PTwyYqjQeggenUGSqzDSTuc415%2BEF0R3FGi77HzfJCh4V9gZabdmR9BlUnQ75RmKZR%2FGEb70aApeOJMGBIUlsqF1yy42kFYcTBw6P0Z%2BEthrrpC&redirectType=js&inIframe=false&inPopUp=false
IP 69.16.231.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c02a72e89f2fddd6d17c2c5b45baadc8
86ef5322dc47cebb302b8bb0dee0b15de3a18582
04e3f2e31f00eab318b922ffe9cf399105240cce91e86afb118583a34ddf7b03
GET /page/bouncy.php?&bpae=GbhGt7vGtEx79rvvvfGGXGTKG%2B%2FZ41X%2FAgo1xJpGADJa%2BVLqpJ8ZWITyGmRTEaxA7qG3SJWjydZCr%2Bkw9fY%2FnmpW%2BmKveKCOryaLXvxjU28KcJ8PMOX3zGBQUU%2BHYHmvxU4%2BBjb5emx1AJmN3gHjDOsmBb0W4ok4Y2LTbTPCzRtIwkOooTcJWWEoUKHj4VYwR29jOF%2BpJ3CTBm3wtVchTtOyM9deXUfo%2F6ZjuGQjecy45329Y68gp1VSo7QsjqEWZQgkwA8blOe9wN393%2BPoanKbXfmZZLhvWfIgb%2FPBcuSQE%2Fpb2PPm8D2uXcja83DXCbWs0D8X9NOKAhVPMl81Iya8ek8tj656K1I45P1HsXMKMkwDzAXsF5mhwPz0jtUWDLaR%2B2vttxnfWjPOxPHu3PTwyYqjQeggenUGSqzDSTuc415%2BEF0R3FGi77HzfJCh4V9gZabdmR9BlUnQ75RmKZR%2FGEb70aApeOJMGBIUlsqF1yy42kFYcTBw6P0Z%2BEthrrpC&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: reservation.travelaffiliatepro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reservation.travelaffiliatepro.com/hotel/details/RTNVJKT
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 05:55:57 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.165.1.70101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.1.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dEtQ+HhonUPqBn/Ux5Vh5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eut0gPy//bzZCOcYsZFBV+5z2Xc=
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash d9980406942893f8f4ff098672c3d285
56a4e00fe424cb9f5d9b56604e583de91016d26e
628aa3f4be4fcb6f8f465cdc0f9c3fc625212b36fda9273285b52d5327699bc5
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150818
Date: Sun, 29 Jan 2023 05:55:57 GMT
Etag: "63d5a655-1d7"
Expires: Mon, 30 Jan 2023 23:49:35 GMT
Last-Modified: Sat, 28 Jan 2023 22:48:53 GMT
Server: ECS (dcb/7F3B)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BdW1eZ6UW--lwoJyb00qIutCDSe99WZACDtGWFbCCzADBhVmJW-c8Q==
Age: 3642
alia-iso.com/favicon.ico
52.7.54.238404 Not Found 653 B IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcredirect?visitid=99100516-9f99-11ed-9862-0af2067ff53f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 29 Jan 2023 05:55:58 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: VGwKJjxo
X-Firefox-Spdy: h2
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dwutc280tsumm658miv88n02m&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=99100516-9f99-11ed-9862-0af2067ff53f&cid=wutc280tsumm658miv88n02m&rt=R
18.197.36.77302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dwutc280tsumm658miv88n02m&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=99100516-9f99-11ed-9862-0af2067ff53f&cid=wutc280tsumm658miv88n02m&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dwutc280tsumm658miv88n02m&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=99100516-9f99-11ed-9862-0af2067ff53f&cid=wutc280tsumm658miv88n02m&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 29 Jan 2023 05:55:58 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wutc280tsumm658miv88n02m
pragma: no-cache
set-cookie: cc-v4=kg%2FIanChX2QU%2Bdz20r%2BlzP3JDbIlfTM%2BY86zpsmYsI3c7pY5uLOobztTzTbx5NGxJFhh6HyHr1Ei6AE%2Fg7sxPpoCBOTdqecjFV5ILoItj4SnQGSAxXHZQEFx%2FF4pSkweTbQHjSrBFSC%2FErhNoNOEqA%3D%3D; Max-Age=31536000; Expires=Mon, 29-Jan-2024 05:55:58 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
IP 216.58.211.3:0
Hash 33f9eccf97d9a5a8907d6a8936e0c12f
c823e2ccd475bae757a4adbbdff2d3b53056eddf
e451fbc25a0cf1263c07e6d6e130fac46dfe70ac48238edf15f802a037129e00
POST /s/gts1p5/1qjPNXlPzIY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:55:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4576
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 05:55:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4576
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 05:55:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4576
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 05:55:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4576
Expires: Sun, 29 Jan 2023 07:12:14 GMT
Date: Sun, 29 Jan 2023 05:55:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ed721e83648418f4a5d64f9d038fd1a
7a311c79e311448941a8d624c1064b1a2d97cfbd
b961e73aaba814eec66532ceeafad5191371fc762b05338990e8cc9c8ecfcbff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6875
x-amzn-requestid: 5fb13e91-8750-4dd9-90a2-f1218ea6009b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fS9t2E0AoAMF_LA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d10ff2-22e819312302377c4bf698ff;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 11:18:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QH_-DX5fiBhfS9MVH6pJi57mqFRRPSPf0iDbp_5BHE1jUqCZvvPesQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:21 GMT
age: 29377
etag: "7a311c79e311448941a8d624c1064b1a2d97cfbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e59316e1b1333c42d9d120fa88619bc2
669cdc8dfeba9d64f93f260adbb5f493a5649bb0
c4e78ec96322f1f151b07f9a45d51e6ca3fd46613472cf627f53bf399193a533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9398
x-amzn-requestid: 5083c66c-ad64-4f73-b915-d29ddabcdb4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6XEc1IAMFsbQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-0779693a5da31eae195989d1;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2MPzkEPg3JESo6g5D7E2LN53G-zYF__aFQmDg9DzSRxg0E19j1Iwkw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:32:41 GMT
age: 8597
etag: "669cdc8dfeba9d64f93f260adbb5f493a5649bb0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cbbc57c4e469baec1bda006407877cc
e988f007b1f9ec2327e7817f38cf56202096aeae
5237a8a8a7aa1fe59548582abf726fe77ad9e1fad8535bb5f88519dc6e779a86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6158
x-amzn-requestid: 034023e1-bd96-4c41-aa48-cccf5fa7b366
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feLdTEXToAMF5Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d58c54-5390c17952d82d9108bdd3f8;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:57:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ACe_e899vrvXgDH3SKhGkebo6EgwW3c97aiFsr_p0g0cyWhl0XmjIg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:04:06 GMT
etag: "e988f007b1f9ec2327e7817f38cf56202096aeae"
content-type: image/jpeg
age: 21112
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61dd48155b70501a72ec13f79745433d
4efc3d15f04a290a590b54122822d55a9d3fa1ca
9345056c111439b34aff08323fc99a2d315fa91293039dc5acf67affb50636d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4202
x-amzn-requestid: d33bee10-9642-4138-8dde-3486ec7f6535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa9ABFFvIAMFbqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d441ff-3b3a99db469e3f8c068d553c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:28:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RIvTaBE3RpB7sP9Bb1Ku1ItsiaCFKNmyHArESR1FuqDIHXt2uOLG6A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 06:41:58 GMT
age: 83640
etag: "4efc3d15f04a290a590b54122822d55a9d3fa1ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 8dca6752-c548-4526-ae81-4626843ade3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYbDjGREoAMFxiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d33ee3-1c097c131b91c34b4e7df1be;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i8JJruxoRfordb6WFNf67-GLWrA_Q930x3GCCQoUmDwXrfZtBXvsZg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:34:32 GMT
age: 8486
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 44402
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 04461a1d7610601c6ffee9627e9b14b1
e9e4b4cad64ea77fb2f5cbf9810afb0abbaa54b1
2fd161a2ae3d06b8f8133e994602235826cd1534cdf62d49f2416f5d18912817
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:55:58 GMT
Server: ECS (amb/6BA6)
Content-Length: 278
ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
IP 216.58.211.3:0
Hash 33f9eccf97d9a5a8907d6a8936e0c12f
c823e2ccd475bae757a4adbbdff2d3b53056eddf
e451fbc25a0cf1263c07e6d6e130fac46dfe70ac48238edf15f802a037129e00
POST /s/gts1p5/1qjPNXlPzIY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:55:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa78kji&sub1=38577&sub2=156696&sub3=frd
104.21.81.229302 Found 0 B URL HTTP/2 hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa78kji&sub1=38577&sub2=156696&sub3=frd
IP 104.21.81.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa78kji&sub1=38577&sub2=156696&sub3=frd HTTP/1.1
Host: hotloveland.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 05:55:58 GMT
content-type: text/html; charset=UTF-8
location: https://m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa78kjl&sub2=34496&sub3=21&sub4=s8hnpa78kji&sub5=38577&sub6=156696&sub7=frd&sub8=
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa78kjl;Expires=Wednesday, 01-Mar-2023 05:55:58 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2NzQ5NzE3NTh9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjc0OTcxNzU4fSxcInRpbWVcIjoxNjc0OTcxNzU4fSJ9.koy-iX7UVe59nYd5UrRW7UbZXO5Q-QpjwJZFHurIh54;Expires=Thursday, 27-Feb-2076 11:51:56 GMT;Max-Age=1675058158;Path=/
_token=uuid_s8hnpa78kjl_s8hnpa78kjl63d60a6ecb0fd3.96471738;Expires=Wednesday, 01-Mar-2023 05:55:58 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvJ3s9HzZ5SE0CFss6%2FqXyvD06cRI3eJ1ZVJnsIBkgOhR3wRwGUgIKEQfzDNZIt%2BqkaWlN2n5qiNE8EpHerZsS3%2Fnq0h58RQg%2BAb6SrgVjPQ57piSdQjeobK4%2BDgTD9xorM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8d42fe7b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 04461a1d7610601c6ffee9627e9b14b1
e9e4b4cad64ea77fb2f5cbf9810afb0abbaa54b1
2fd161a2ae3d06b8f8133e994602235826cd1534cdf62d49f2416f5d18912817
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:55:59 GMT
Last-Modified: Sun, 29 Jan 2023 05:55:58 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp2.globalsign.com/gsalphasha2g2
151.101.66.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.66.133:0
Hash 9b3ca2c8ef939d4373d6cbb041cac0b8
40af0b2adbb04bc1ce6c349905b57450daacc2d7
a0d9c01ff89bc9c774127289dd0343c3c2f0c1ee33d2134319e956447ca95ae6
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 02 Feb 2023 05:55:58 GMT
ETag: "40af0b2adbb04bc1ce6c349905b57450daacc2d7"
Last-Modified: Sun, 29 Jan 2023 05:55:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 05:55:59 GMT
Age: 0
X-Served-By: cache-qpg1264-QPG, cache-bma1631-BMA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1674971759.171274,VS0,VE210
meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d60a6f3c251b0001f14059&s4=34496
52.19.202.187302 Found 270 B URL HTTP/1.1 meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d60a6f3c251b0001f14059&s4=34496
IP 52.19.202.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f2800140e3a9ef5304c149a715d246cf
39179ac88eefdfe77a6e490cb8f35722060dc283
5035b59148ef2252b29b58f6f20eab7aa5f23a0f9b5390df3fd53ea402c2ae22
GET /?a=16295&c=43694&p=r&s1=&s2=a_63d60a6f3c251b0001f14059&s4=34496 HTTP/1.1
Host: meshho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 270
Content-Type: text/html; charset=utf-8
Date: Sun, 29 Jan 2023 05:55:59 GMT
Location: https://toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d60a6f3c251b0001f14059&s4=34496&ckmguid=fb64ef0f-00c9-4e81-8e02-5cfeaea51d93
Connection: close
ocsp.globalsign.com/alphasslcasha256g4
151.101.130.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 151.101.130.133:0
Hash ad6399287fc1ed43b12a4dc600074b1e
65c579aa3e45df1adf22986d0077d2fcf0beaad8
0935b367e86c6760334aa57ddd9ad7dafca215ccd29622c7c1037ba12d5d49ba
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1437
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 02 Feb 2023 04:22:54 GMT
ETag: "65c579aa3e45df1adf22986d0077d2fcf0beaad8"
Last-Modified: Sun, 29 Jan 2023 04:22:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 05:55:59 GMT
Age: 0
X-Served-By: cache-qpg1237-QPG, cache-bma1634-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
X-Timer: S1674971760.563504,VS0,VE208
toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d60a6f3c251b0001f14059&s4=34496&ckmguid=fb64ef0f-00c9-4e81-8e02-5cfeaea51d93
52.19.202.187302 Found 234 B URL HTTP/1.1 toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d60a6f3c251b0001f14059&s4=34496&ckmguid=fb64ef0f-00c9-4e81-8e02-5cfeaea51d93
IP 52.19.202.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 9b5a26445c74771b1a350f60705c7910
39e42ecefb0696109a69143b0485d5e4fe046588
0f27bfc628a974a992164cb8efc5c79e5722480fa66476aacd8532524d34fe42
GET /?a=16295&c=43694&p=r&s1=&s2=a_63d60a6f3c251b0001f14059&s4=34496&ckmguid=fb64ef0f-00c9-4e81-8e02-5cfeaea51d93 HTTP/1.1
Host: toomoffr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Sun, 29 Jan 2023 05:55:59 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742676814&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=udSGCKNyemmFr0MZKohWU5UHXum536I1pHLhJIG0F0Dkb3y2TOWIMw==; domain=.toomoffr.com; path=/; HttpOnly
trk=H45QM2T2j3pLAGqEhA87dZUHXum536I1pHLhJIG0F0Dkb3y2TOWIMw==; domain=.toomoffr.com; expires=Wed, 29-Jan-2025 05:56:04 GMT; path=/; HttpOnly
c36197=udSGCKNyemmNVLCPTVgYDyidVfDdfNB1RSlD3BMSle9eCUghiDE1Zg==; domain=.toomoffr.com; expires=Tue, 28-Feb-2023 05:56:04 GMT; path=/; HttpOnly
Connection: close
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742676814&source=16295&sum=
18.193.146.82302 Found 0 B URL HTTP/2 bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742676814&source=16295&sum=
IP 18.193.146.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742676814&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 29 Jan 2023 05:55:59 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/EN3/n.php?cep=QJeesB6-EgABvXd72lpYfeCWbJMD2pPHGfBGiZh6ZrfbIl65zpW9_hda8ypxsFA1YBjjwC7O-BC-7ZL7afkiKP_qUUksyrc6ohmnGf3uzdVXm4dHTrHd8zr7zrCQ0iM9Kw6ESNkPkwVBJ1x3l7JEqiHyRr9xbNeWsSyQQ-GZJW0o10vQIY3kW8weXsNPAG8kCAhkIsuIFyIs1hCdifpAmqkQIZrAjXexNd0hNdB8bs2QM4MYMDjjmOOBk3M8_EjrfgLYc2PT40CtnmAPejPDQOdLs3jixmYXKCe6WVnDXr5Na7je8lQ_bvWicaEDA5cM7U9rtSVLJFuS85dJFtVcW674axaHx6_f1UzJGbfTG_3rl-rUBlOg-FbTpz8h_uiH573YqXuS9O8R9YGwihNYl3QF-efkahs_sNgsVdgBEYc&lptoken=1635747d978b359a5979&external_id=36197-742676814&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=e_sDzQNJ_bswIU0Msl7gouUPybzO_eZaihpsgAc-qf4; Max-Age=86400; Expires=Mon, 30-Jan-2023 05:55:59 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=FaN408P7IiLf218E1okCKE1hBHFoj-P37j4n-YULHAJBpCIfMti0APjE2DwJ2zh5WEh-clHxJO2s2437BNksffdtVyui9ITjVUXx2xn65TjhMOcdIbCb14dsxQ0_ZvF1K0vvQvpXTeoPbIYKP7zQqCEgmK1vlUIhzHdQKofSXR2UxNbiuADFqPA40Zlan8_PO2_5SrR6UDmoAL9dwRoOFMi6XLr7mU-oiugO9xWapj43HepXQsS_so8lhDuyiZn_0fDrZN8a7baVzrIFhlQiKaudMLDz9OiWlua6rHYhjbqjUXND3pESDcwFJRDyRJKxBylsBKTDQvaDSDo8JiaZevgZ9ExJdwAmerqBjlr6xX_9x_R-qLUmPC6Q4BN03jGE6zXK1ygu5xMds0aOB8MqvxNTxQSzmQEDj_B9VLIceGE; Max-Age=86400; Expires=Mon, 30-Jan-2023 05:55:59 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/QsXoNUJjkNc
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QsXoNUJjkNc
IP 216.58.211.3:0
Hash 17529e494e4134001605718f7f0d1383
ce4666cc15c74d60c90152d3bc2592747ed3c07d
01dae29c513cab0b38e1754ba7837edc29829f7d7aafafb596b28c9a0494c429
POST /s/gts1p5/QsXoNUJjkNc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:56:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
104.26.13.87200 OK 7.8 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP 104.26.13.87:0
File type Unicode text, UTF-8 text, with very long lines (23122)
Hash acdc53f58bd1703e5761535528fec208
42b2cf70c61f8cfcbc929dd302ad5130b3f1e859
6d7a77671ea2f22cacd488483bc7a2c08fbc2d897f8b45b7412789f7a1e22cdc
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:00 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 29 Jan 2023 06:32:54 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 84185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4btYOoeqmqVtgUXkNv3skBl5v4LZgA5tokWQgP0MMKIceaOUFLS7KEBETsRZKQJU1k6HI1cApEuHCp7GNWa9su%2BfK75MrGGOggIbYTGMEHfWA77R0mfL7v9VHpNqabJ8Fdj8GuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e05db70b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
172.64.163.28204 No Content 0 B URL HTTP/2 subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 05:56:01 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpLhKZaX%2Bdq7tPyK%2F0D9r9qMsr8nVWQ6FybsF%2B9vzNadHYucRffaBhgyBvEP8MY9ALii%2B%2BuHC6YHUSgk%2FQidlGmztAj1HcYr1EBsiLpGMCCy%2B8Y1RDqhPoLxr9xB45jokxtlTMtKnut3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e2bae324b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
172.64.163.28200 OK 5 B URL HTTP/2 subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP 172.64.163.28:0
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/EN3/n.php?cep=QJeesB6-EgABvXd72lpYfeCWbJMD2pPHGfBGiZh6ZrfbIl65zpW9_hda8ypxsFA1YBjjwC7O-BC-7ZL7afkiKP_qUUksyrc6ohmnGf3uzdVXm4dHTrHd8zr7zrCQ0iM9Kw6ESNkPkwVBJ1x3l7JEqiHyRr9xbNeWsSyQQ-GZJW0o10vQIY3kW8weXsNPAG8kCAhkIsuIFyIs1hCdifpAmqkQIZrAjXexNd0hNdB8bs2QM4MYMDjjmOOBk3M8_EjrfgLYc2PT40CtnmAPejPDQOdLs3jixmYXKCe6WVnDXr5Na7je8lQ_bvWicaEDA5cM7U9rtSVLJFuS85dJFtVcW674axaHx6_f1UzJGbfTG_3rl-rUBlOg-FbTpz8h_uiH573YqXuS9O8R9YGwihNYl3QF-efkahs_sNgsVdgBEYc&lptoken=1635747d978b359a5979&external_id=36197-742676814&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:01 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnOtd5ZyWA%2BWNbMNoFl7kZtBV475cd%2BYP1eGjDnVrgn%2B1DrKuRSDksJYUYm4eXiG2fJ3jsRLPd3K08w72azPKq7%2FKQd8HdWG5z4tMIyH0uDYbjvXqQD1m6JC%2FkY7eZ43bTOd%2BUc2PpM1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e38b4224b7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/js/functions.js
104.26.13.87200 OK 153 kB URL HTTP/2 mycasualhookups.com/sl/html/EN3/js/functions.js
IP 104.26.13.87:0
File type ASCII text, with very long lines (11875)
Size 153 kB (153156 bytes)
Hash 5a9c49534cfb8362d8aa6590f01af9f7
603d57cd5316f01b389f9f2a3d177cf677542787
8bd41f1a7a990d8992885974a92adda4017df5208a462f1c6a4cbb16a3b3ca24
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/EN3/js/functions.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:00 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=52042
expires: Sun, 29 Jan 2023 16:14:08 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 49312
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9U13fQxSH5aIxxBuitYtklSnjWn9PFksSCpmpIkcdearuKxeXNOUNg3eZbVLMk3BYGwwRtQPQs3GM8UKJg0JLbmH5Dph2%2FXVJx3er8G9%2BLjT%2BKBG%2BnbSIEcopBQQUJw2q8OQ%2FuM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e06dbf0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/images/m2.jpg
104.26.13.87200 OK 209 kB URL HTTP/2 mycasualhookups.com/sl/html/EN3/images/m2.jpg
IP 104.26.13.87:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x844, components 3\012- data
Size 209 kB (208569 bytes)
Hash 2b4a576f2fd3533b65ff859c612c57d7
d91fa21923d27e32ad46d3698af4b7121fc8ec75
cbb4208d304cb9217350f46c8365e2fa0e6892f0e72263f94bd28e6a70623600
GET /sl/html/EN3/images/m2.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:01 GMT
content-type: image/jpeg
content-length: 208569
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 30 Jan 2023 05:56:01 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOAmswmfeCjgwp2q6ROCCrUCAoBz6CgNsMfvKFk14MiGeTHQBke5wsr6Ie5bUOddX0ntiadPc8pp9E0wxGMrakCaqws5iY6yGsRv4ItnHT6Ppmue%2FbeCtG2G5Yxc9OVhS81YKkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790fb8e3eefa0b39-OSL
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/images/m3.jpg
104.26.13.87200 OK 21 kB URL HTTP/2 mycasualhookups.com/sl/html/EN3/images/m3.jpg
IP 104.26.13.87:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x400, components 3\012- data
Hash c698f5bab1daf1f3745ff2b31e4b5dc3
a175e04604ee3fd474d9818f52f193ff3e7784a0
672edb2ed70499efa3d65fc0eead7f24337897b874228c230c78c334c3ac0cb4
GET /sl/html/EN3/images/m3.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:01 GMT
content-type: image/jpeg
content-length: 20890
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 30 Jan 2023 05:56:01 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xn8IUx9qu98zslT7Y7Qx0%2B8c9cybEewl0J42%2ByHPVyiiv56DhiywE6ofGY5RCUD1pDkKxvzX7TB%2Fzjj8jd6RMfL1immFxHxUooyAfB1hyvw9Af%2BCG66mSZFdNp86gIRaUTbkuBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790fb8e3feff0b39-OSL
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/common-langs.js
104.26.13.87200 OK 206 kB URL HTTP/2 mycasualhookups.com/sl/common/js/common-langs.js
IP 104.26.13.87:0
File type Unicode text, UTF-8 text, with very long lines (12768)
Size 206 kB (205498 bytes)
Hash 2cff98cdd7a06ec7823277d3e62e1e87
81e59c73d657cde335ba163ed93374b04fb3b023
f75ea21352ee5b0a342f0a74b4ed6a2a9938d061451b4ab712795acd48128ced
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:00 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Sun, 29 Jan 2023 06:32:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 84185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBN7WEWE24EeqZ9fMI%2Bq1GkgPjRBGJZkp7PJ0wRYE8S54hpPNNVzhWcvvDQ1ZIrPe0jvKof4smHjdqzYe%2FSlUCcBkEobIW64GENKPCwI8oG6tX71hjBp4oL8vOfjoGamhVDzCJY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e06dbd0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
alia-iso.com/zcvisitor/99100516-9f99-11ed-9862-0af2067ff53f/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
52.7.54.238200 OK 0 B URL HTTP/2 alia-iso.com/zcvisitor/99100516-9f99-11ed-9862-0af2067ff53f/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
IP 52.7.54.238:0
GET /zcvisitor/99100516-9f99-11ed-9862-0af2067ff53f/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51 HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://reservation.travelaffiliatepro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:55:57 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: hAwWnhWl
X-Firefox-Spdy: h2
alia-iso.com/zcredirect?visitid=99100516-9f99-11ed-9862-0af2067ff53f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
52.7.54.238200 OK 0 B URL HTTP/2 alia-iso.com/zcredirect?visitid=99100516-9f99-11ed-9862-0af2067ff53f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 52.7.54.238:0
GET /zcredirect?visitid=99100516-9f99-11ed-9862-0af2067ff53f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcvisitor/99100516-9f99-11ed-9862-0af2067ff53f/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:55:57 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: DPSFIsYu
X-Firefox-Spdy: h2
cdnjam.com/cdn/sdialog.min.css?_=4
104.21.58.242200 OK 0 B URL HTTP/2 cdnjam.com/cdn/sdialog.min.css?_=4
IP 104.21.58.242:0
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:02 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzxrRl3%2BR%2F5%2BGGpig8EVwc7eq9LZ0H12UBRpZU%2BjXM3RuQVQPDfOFRddagb79adp61EK%2BrOXaF%2BnX%2FO%2FTdTjQVeMmBfRExDJh6Rtxrh0RTJ8yYC5FOX9ol0wGGFh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8ebd804b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn-dt.fcdn.info/swpush.min.js
104.21.234.86200 OK 0 B URL HTTP/2 cdn-dt.fcdn.info/swpush.min.js
IP 104.21.234.86:0
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:00 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2334419
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6QT6d9B9XQ9xaBpu63c%2Btsjh1KaxitISzs4wE52rpjMideNUkBCLtmBAo2py%2Bko780sqrawXvMmPHXaPfRRuKmd6k967YS5Rq60tiUjgqyDCd7THmVK7oKRIlDo5og7EKP6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790fb8e0bd1723cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/unsubscribe.html
104.26.13.87200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/unsubscribe.html
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/unsubscribe.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:01 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Sun, 29 Jan 2023 06:01:01 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F75Ni5Yu2gpAAt1Hc0mGnFNXJEKrWh2YTaeruA5dGQJzfq9gMOLhRYS0BJxlyz6N4d2JMwGi72qLPP0Uok3y8QGEWNNzYXumjU6Fg03kU36vNIdkbVz8jmCFGWBStB9eMuMAeow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e3eef70b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wutc280tsumm658miv88n02m
104.21.76.186302 Found 0 B URL HTTP/2 winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wutc280tsumm658miv88n02m
IP 104.21.76.186:0
GET /Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wutc280tsumm658miv88n02m HTTP/1.1
Host: winandlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 05:55:58 GMT
content-type: text/html; charset=UTF-8
location: https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa78kji&sub1=38577&sub2=156696&sub3=frd
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa78kji;Expires=Wednesday, 01-Mar-2023 05:55:58 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQwODI5NFwiOjE2NzQ5NzE3NTgsXCIzMFwiOjE2NzQ5NzE3NTh9LFwiY2FtcGFpZ25zXCI6e1wiMTU2Njk2XCI6MTY3NDk3MTc1OCxcIjFcIjoxNjc0OTcxNzU4fSxcInRpbWVcIjoxNjc0OTcxNzU4fSJ9.zsyCeGcgjqXzNIqqtxO21fqHQahGv2siiZvXeRziWPU;Expires=Thursday, 27-Feb-2076 11:51:56 GMT;Max-Age=1675058158;Path=/
_token=uuid_s8hnpa78kji_s8hnpa78kji63d60a6e7343b1.85186828;Expires=Wednesday, 01-Mar-2023 05:55:58 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3TQ4nk58f1i%2FTgM%2FbA1DleVTQEncjURQnP2RIcQ%2B%2B9tVxn3XomDYZMglBRwv%2Fi649zfLrAOFSxWqA23xWODa1BbBJPqtMWamRRSq8Mk1p%2BaFta3W2e5yFWzEtqBhFRMDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8d1cc2eb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/n.php?cep=QJeesB6-EgABvXd72lpYfeCWbJMD2pPHGfBGiZh6ZrfbIl65zpW9_hda8ypxsFA1YBjjwC7O-BC-7ZL7afkiKP_qUUksyrc6ohmnGf3uzdVXm4dHTrHd8zr7zrCQ0iM9Kw6ESNkPkwVBJ1x3l7JEqiHyRr9xbNeWsSyQQ-GZJW0o10vQIY3kW8weXsNPAG8kCAhkIsuIFyIs1hCdifpAmqkQIZrAjXexNd0hNdB8bs2QM4MYMDjjmOOBk3M8_EjrfgLYc2PT40CtnmAPejPDQOdLs3jixmYXKCe6WVnDXr5Na7je8lQ_bvWicaEDA5cM7U9rtSVLJFuS85dJFtVcW674axaHx6_f1UzJGbfTG_3rl-rUBlOg-FbTpz8h_uiH573YqXuS9O8R9YGwihNYl3QF-efkahs_sNgsVdgBEYc&lptoken=1635747d978b359a5979&external_id=36197-742676814&source=16295&sum=
104.26.13.87200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/EN3/n.php?cep=QJeesB6-EgABvXd72lpYfeCWbJMD2pPHGfBGiZh6ZrfbIl65zpW9_hda8ypxsFA1YBjjwC7O-BC-7ZL7afkiKP_qUUksyrc6ohmnGf3uzdVXm4dHTrHd8zr7zrCQ0iM9Kw6ESNkPkwVBJ1x3l7JEqiHyRr9xbNeWsSyQQ-GZJW0o10vQIY3kW8weXsNPAG8kCAhkIsuIFyIs1hCdifpAmqkQIZrAjXexNd0hNdB8bs2QM4MYMDjjmOOBk3M8_EjrfgLYc2PT40CtnmAPejPDQOdLs3jixmYXKCe6WVnDXr5Na7je8lQ_bvWicaEDA5cM7U9rtSVLJFuS85dJFtVcW674axaHx6_f1UzJGbfTG_3rl-rUBlOg-FbTpz8h_uiH573YqXuS9O8R9YGwihNYl3QF-efkahs_sNgsVdgBEYc&lptoken=1635747d978b359a5979&external_id=36197-742676814&source=16295&sum=
IP 104.26.13.87:0
GET /sl/html/EN3/n.php?cep=QJeesB6-EgABvXd72lpYfeCWbJMD2pPHGfBGiZh6ZrfbIl65zpW9_hda8ypxsFA1YBjjwC7O-BC-7ZL7afkiKP_qUUksyrc6ohmnGf3uzdVXm4dHTrHd8zr7zrCQ0iM9Kw6ESNkPkwVBJ1x3l7JEqiHyRr9xbNeWsSyQQ-GZJW0o10vQIY3kW8weXsNPAG8kCAhkIsuIFyIs1hCdifpAmqkQIZrAjXexNd0hNdB8bs2QM4MYMDjjmOOBk3M8_EjrfgLYc2PT40CtnmAPejPDQOdLs3jixmYXKCe6WVnDXr5Na7je8lQ_bvWicaEDA5cM7U9rtSVLJFuS85dJFtVcW674axaHx6_f1UzJGbfTG_3rl-rUBlOg-FbTpz8h_uiH573YqXuS9O8R9YGwihNYl3QF-efkahs_sNgsVdgBEYc&lptoken=1635747d978b359a5979&external_id=36197-742676814&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:00 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Sun, 29 Jan 2023 06:01:00 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPNx44rB8RYppPAsxWqkOutwtq9%2BCHVKXub2FDsa2AI9iHabrtoejiGjqjHsZbaKvgMOPJr%2ByS%2FqAIKj2PF7oxJbUE3CIyc%2FFwhkBkT86ca8oFEtg%2F%2B7XJCGXL%2FS9PEIiuTWOJ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8dcac750b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/css/style.css
104.26.13.87200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/EN3/css/style.css
IP 104.26.13.87:0
GET /sl/html/EN3/css/style.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:00 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=13343
expires: Sun, 29 Jan 2023 20:13:28 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 34952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mM3lj%2FGlAIoyVciWgCagviuugJU4fZmE4AVxPRFnE9%2BrWW%2B1u%2BCk06W314dHpgPTUf1fsfNacOQ6b3vK%2Beg6F5RN21j1SNeMSN6WUIBPR2%2FzB%2BgqjaFUPZ3hCpI9wKnMrNiy%2FXk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e05db20b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/js/langs.js
104.26.13.87200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/EN3/js/langs.js
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/EN3/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:00 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=38889
expires: Sun, 29 Jan 2023 20:40:57 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 33303
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWL8srtTJ2m4j5T7o4gyDK7CKyEq2uYe6doW29ZpTlNjKkuDDbIee1K9baSWy7sPIaHjSt%2FRu8a%2FAIdbCcNBgCBOAIzSaU5fWQpPiDTPhHNnX3LLhLOTHpSbg7B0l929ZL%2FMbpk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e06db90b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
104.26.13.87200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:00 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 29 Jan 2023 06:32:54 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 84185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jc3uj1FJmWIwkDAN73GxLSwEuOxt%2Blr30JUvhKq3kQzKqDQSFGsxlY%2B2QtqRarkALOJVkKyXpH7USEUAitlubVUTwcwVSKw3pGlaoxtraPxEXMwGkREMnA6WdHc5v0DkU8ziFUQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e06db80b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/privacy-policy.html
104.26.13.87200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/privacy-policy.html
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/privacy-policy.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:01 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Sun, 29 Jan 2023 06:01:01 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVQNmXaR2ypqSFjBYvIWu5KZW0GhamGD%2FyuN1nhvwWUcnzOv4EX0dW5EMo5HwHIsswc2QNerrvyeCFk8Zv%2BwwJshHKNxCFPQv8wS2aFgRzOZaT4QLQQfQZibJIqC4NSB6mbU%2FE4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e3eef50b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.26.13.87200 OK 0 B URL HTTP/2 mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/privacy-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:01 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Slu4tZeufuO%2B%2FPtcWbskKn2njHEnX9V1XcZX9YrAEzEZeA8NpCbzoco11AQ54Mis2jJD9AAUgPfsec88wg225V9rlftX9fUlhB80BjP4VFbyv%2FIt0la3btzR%2BvyXtl1DWfLdzq0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790fb8e52fae0b39-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 31 Jan 2023 05:56:01 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/EN3/js/config.js
104.26.13.87200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/EN3/js/config.js
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/EN3/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:00 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Sun, 29 Jan 2023 16:14:08 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:26:18 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 49312
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeECtTt%2By8QMCZ%2FGmAYjhyLqb795dO%2FloY2n1F%2BJ7bNRIVBikN755VZYtAo8cHZNUYxZuA4HckG0BGVBOS7jzmJMVROKd4YlsZlwUoo4LdCBtf6Hjzlln6QbaOnzeQVYhkstS38%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e06dbc0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/css/style.css?1674971760
104.26.13.87200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/css/style.css?1674971760
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/css/style.css?1674971760 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:01 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 30 Jan 2023 05:56:01 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZuXr%2BC9bj9F6kA4Jp0X%2F8X6VcTrKUFFp9x6cb3bprwvkXEcXYsC3ssPo7zzMQKGguuteQiPVc6Bn4v5w3OIAmvAJu0IsLQc9Uq%2FRj7f1o7tdYI9v9q2%2B8nXBd4XzD7eCOo%2Bh4o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e05db40b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/main.js?1674971760
104.26.13.87200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/main.js?1674971760
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/main.js?1674971760 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:01 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 30 Jan 2023 05:56:01 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZICPnpJ5ZpTXri6BgcuzDagIcvOOdnvNnKgEJb4rpZTwg8j0hJFKUMXn8cb49I5JOhBcAYNJXc%2BDspQkcTtZqeFOqJ1W9GbZ4fbbWXmv8ZX7oJfX25VAFtaVKeacmp%2F81zrzD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e06dbe0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/cookies-policy.html
104.26.13.87200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/cookies-policy.html
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/cookies-policy.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:56:01 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Sun, 29 Jan 2023 06:01:01 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwrqAVXaqIr%2F6rhE9NVMQ9vlVytYp7C5umxMD5jwmPaCJ24g%2BSXfkftXV25MDkxby4iZ0N7Q0E4H5tSgkQIHULICdrywAqG5ZaIRlqU%2BBEoy6ju2E2Ue4QlIJ3UFoBwBhWrxIB0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790fb8e3eef60b39-OSL
content-encoding: br
X-Firefox-Spdy: h2