r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3688
Expires: Tue, 24 Jan 2023 21:45:48 GMT
Date: Tue, 24 Jan 2023 20:44:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19001
Expires: Wed, 25 Jan 2023 02:01:01 GMT
Date: Tue, 24 Jan 2023 20:44:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 20:35:07 GMT
content-type: application/json
age: 553
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9357
Expires: Tue, 24 Jan 2023 23:20:17 GMT
Date: Tue, 24 Jan 2023 20:44:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 33dX056oFYkL7iQtsdhEiOc9wnOKdkv0T8Zzn87O83OOQCStkKpnSbP//DhQxd+/poS4zpuVYlG/f4hW8vmQSA==
x-amz-request-id: 7BEDZ5MVKKKPCN8M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 19:48:17 GMT
age: 3363
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 20:44:20 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 20:17:31 GMT
age: 1609
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
revistablanca.com/2020/01/
67.227.226.240200 OK 2.3 kB URL HTTP/1.1 revistablanca.com/2020/01/
IP 67.227.226.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (652)
Hash 4b7f13a0f00f52683f9cf40e49c6ff20
eae0a1599ea60c5e9dea8edf555132614c9cad54
1f346d1867afacd9f62348ca0a7b06cabf5d40c51c87f7a1f2eaf2ed4b42cec3
GET /2020/01/ HTTP/1.1
Host: revistablanca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 20:44:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21523
Expires: Wed, 25 Jan 2023 02:43:04 GMT
Date: Tue, 24 Jan 2023 20:44:21 GMT
Connection: keep-alive
revistablanca.com/page/bouncy.php?&bpae=GbhGtLvmtEx%2F9rvvvfEmgrPz4S%2BU2zQB9TPVNhQgmvAt%2FVzqpJ%2Bxy3eW7oK1zRYyiBN80J%2F13qdMkbOmnUdCJzp2B3BVv%2Flekx%2FxPlI9X6BqUNDoGrV1%2B9UhwVNAYfcCIFwbQQ66HnKKWwZfPpAV2ScWkhHXZOcMUU9zIV5eKsC9QojenUXXLlU66dS3RaFuKolvr4akdhdH%2BtFY3CKqEhULfwQLb1o8OsmyhZEoNot8BN0NLcrdLlgVVWZC%2FrXtnn%2FS6h7k%2BjQQudXFth7bFGXkHup6sXXSUICdlNH646RGsFKAm5MNuPNOk50AqTcUd8cvCCfOcNMF2XYoVho11o3QMx6ACtzdBR32pxgsvVulh%2FVTrAXObaDSBaisD6w1JL%2B8rp2f0lS2QJqNHOoj2XeftbYRXEJ0s7rb5ms3zYL81%2FiZSDXef%2F0nqurwnx3waZM2j9%2FzZ8bhn35bhNqYCQT4Rr6l4bBuUsgp199sZ5DXN2phnUe%2FiH%2F8u2eAjOWXvn7GHw%3D%3D&redirectType=js&inIframe=false&inPopUp=false
67.227.226.240200 OK 982 B URL HTTP/1.1 revistablanca.com/page/bouncy.php?&bpae=GbhGtLvmtEx%2F9rvvvfEmgrPz4S%2BU2zQB9TPVNhQgmvAt%2FVzqpJ%2Bxy3eW7oK1zRYyiBN80J%2F13qdMkbOmnUdCJzp2B3BVv%2Flekx%2FxPlI9X6BqUNDoGrV1%2B9UhwVNAYfcCIFwbQQ66HnKKWwZfPpAV2ScWkhHXZOcMUU9zIV5eKsC9QojenUXXLlU66dS3RaFuKolvr4akdhdH%2BtFY3CKqEhULfwQLb1o8OsmyhZEoNot8BN0NLcrdLlgVVWZC%2FrXtnn%2FS6h7k%2BjQQudXFth7bFGXkHup6sXXSUICdlNH646RGsFKAm5MNuPNOk50AqTcUd8cvCCfOcNMF2XYoVho11o3QMx6ACtzdBR32pxgsvVulh%2FVTrAXObaDSBaisD6w1JL%2B8rp2f0lS2QJqNHOoj2XeftbYRXEJ0s7rb5ms3zYL81%2FiZSDXef%2F0nqurwnx3waZM2j9%2FzZ8bhn35bhNqYCQT4Rr6l4bBuUsgp199sZ5DXN2phnUe%2FiH%2F8u2eAjOWXvn7GHw%3D%3D&redirectType=js&inIframe=false&inPopUp=false
IP 67.227.226.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 3ec497aeaf69d4fcbf69850756b12993
b1f1fa7fcaa03c28e9fae559d3af5a4e7b50fc2c
5b12d8772a0fe0748ae32b00afa1ba42805271d87be05d37db19fe59916df616
GET /page/bouncy.php?&bpae=GbhGtLvmtEx%2F9rvvvfEmgrPz4S%2BU2zQB9TPVNhQgmvAt%2FVzqpJ%2Bxy3eW7oK1zRYyiBN80J%2F13qdMkbOmnUdCJzp2B3BVv%2Flekx%2FxPlI9X6BqUNDoGrV1%2B9UhwVNAYfcCIFwbQQ66HnKKWwZfPpAV2ScWkhHXZOcMUU9zIV5eKsC9QojenUXXLlU66dS3RaFuKolvr4akdhdH%2BtFY3CKqEhULfwQLb1o8OsmyhZEoNot8BN0NLcrdLlgVVWZC%2FrXtnn%2FS6h7k%2BjQQudXFth7bFGXkHup6sXXSUICdlNH646RGsFKAm5MNuPNOk50AqTcUd8cvCCfOcNMF2XYoVho11o3QMx6ACtzdBR32pxgsvVulh%2FVTrAXObaDSBaisD6w1JL%2B8rp2f0lS2QJqNHOoj2XeftbYRXEJ0s7rb5ms3zYL81%2FiZSDXef%2F0nqurwnx3waZM2j9%2FzZ8bhn35bhNqYCQT4Rr6l4bBuUsgp199sZ5DXN2phnUe%2FiH%2F8u2eAjOWXvn7GHw%3D%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: revistablanca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://revistablanca.com/2020/01/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 20:44:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WEjBIA0UVWhY0bJuxlOVOQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cjAFZ7CCnp9/xcsDGgXpa4bkGD8=
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 922218aee3361b25d219b29f1179b0fa
1ea77e6c39bfb30e75dd3f3a2f23857828fc2c52
11825be022d5109df64e8973da624e331271414285252d372a1070a67320ce5f
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98672
Date: Tue, 24 Jan 2023 20:44:21 GMT
Etag: "63cf0ed6-1d7"
Expires: Thu, 26 Jan 2023 00:08:53 GMT
Last-Modified: Mon, 23 Jan 2023 22:48:54 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3z5zWZnDpkO4npv8kC_FyhjINyxRx75CvdmAZxDcGneXdx0qYHQCsA==
Age: 4800
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dwkip2ssb7ta3ks4m2cmodonc&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=e0871488-9c27-11ed-b1b6-0a1227e460d5&cid=wkip2ssb7ta3ks4m2cmodonc&rt=R
18.197.36.77302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dwkip2ssb7ta3ks4m2cmodonc&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=e0871488-9c27-11ed-b1b6-0a1227e460d5&cid=wkip2ssb7ta3ks4m2cmodonc&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dwkip2ssb7ta3ks4m2cmodonc&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=e0871488-9c27-11ed-b1b6-0a1227e460d5&cid=wkip2ssb7ta3ks4m2cmodonc&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 24 Jan 2023 20:44:21 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wkip2ssb7ta3ks4m2cmodonc
pragma: no-cache
set-cookie: cc-v4=lqc0G7ms1%2FWj4HTqNTXYCN4aYqbBCxaqgTNh7iEJjJH7WPqz%2Fcb%2BuVL7oI4G6F4JXFmnvgBI4WO5QjsSnGac%2F5o5h6HNnS39%2BYaHCZAie3wzwqYpV68Bb5e4bB5oTQDxP2wy%2BXzvDM1th0AbV3jmBA%3D%3D; Max-Age=31536000; Expires=Wed, 24-Jan-2024 20:44:21 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
alia-iso.com/favicon.ico
35.172.34.123404 Not Found 653 B IP 35.172.34.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcredirect?visitid=e0871488-9c27-11ed-b1b6-0a1227e460d5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 24 Jan 2023 20:44:22 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: DrgRtLBO
X-Firefox-Spdy: h2
alia-iso.com/zcredirect?visitid=e0871488-9c27-11ed-b1b6-0a1227e460d5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
35.172.34.123200 OK 1.1 kB URL HTTP/2 alia-iso.com/zcredirect?visitid=e0871488-9c27-11ed-b1b6-0a1227e460d5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 35.172.34.123:0
Hash 19ee11e14737cf48bb1d257765dde657
e499d75fc78126b6dca2445c1b805071135acb67
5f5699a1723b8f14ead67c9a014362c1ca8444b4c8b5dcc20a35c233cc4efee5
GET /zcredirect?visitid=e0871488-9c27-11ed-b1b6-0a1227e460d5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcvisitor/e0871488-9c27-11ed-b1b6-0a1227e460d5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:21 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: iLdFOIGr
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8111
Expires: Tue, 24 Jan 2023 22:59:33 GMT
Date: Tue, 24 Jan 2023 20:44:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8111
Expires: Tue, 24 Jan 2023 22:59:33 GMT
Date: Tue, 24 Jan 2023 20:44:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8111
Expires: Tue, 24 Jan 2023 22:59:33 GMT
Date: Tue, 24 Jan 2023 20:44:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8111
Expires: Tue, 24 Jan 2023 22:59:33 GMT
Date: Tue, 24 Jan 2023 20:44:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:59:05 GMT
age: 81917
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 462fc1946b8dbae49aa3cf22291fc707
400c6dc7973b36a5d3e43cc3b439da49ab6c76b5
88e13373963e8427baa4cdf19909eb297aafe035ec0376cbed6d4f4fa45dbd32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4381
x-amzn-requestid: 528fddee-8bac-466a-8f82-3d5bffab7ca4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFpFghoAMFSPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-63f97c8409b808910ce8f50a;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: USeM1Ot6q0_lK_EdmyYfmyH-Aklt_yek7fg9ayjlDCPS9KobKbHCjA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:56:59 GMT
age: 82043
etag: "400c6dc7973b36a5d3e43cc3b439da49ab6c76b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3a9064c5b6dc05569373c5065cea0fcc
2be2bd57251e0cd677fb1f1cb14873aa56088da6
50adef35b1736acb4fd6443051e6de2004825550d4d4097d4a6176596d300ee7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "50ADEF35B1736ACB4FD6443051E6DE2004825550D4D4097D4A6176596D300EE7"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2866
Expires: Tue, 24 Jan 2023 21:32:08 GMT
Date: Tue, 24 Jan 2023 20:44:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfe8cd9-8a38-4bff-80c1-8c58b3618c4d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfe8cd9-8a38-4bff-80c1-8c58b3618c4d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3172dcbfc344029f09fec71cfa869af7
1a45d9e39cb8a2fcf5cb06bbfcf0194f1eaff2ad
e818325e9a7a516912bba892f0ff7377ee0a60d0a38afbbc7f41f8f5d7857a07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfe8cd9-8a38-4bff-80c1-8c58b3618c4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: 25119c89-8b57-4f78-ba4d-6181a565fc55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyrOG_VIAMF15w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe47-5f7fde965860cba74a51ddbf;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZM3fGgrP1P7ju8-1AFIahWbbTgZaAu3mCZyN9m_g_rw6rWHeldJhmQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:19:21 GMT
etag: "1a45d9e39cb8a2fcf5cb06bbfcf0194f1eaff2ad"
content-type: image/jpeg
age: 80701
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K73B093GBbsf85ny_o8fc9oE417nJBFlH0eEdhiifeQk3KG5Q-HHdg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 07:54:32 GMT
age: 46190
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16d9c0855b43a6c2351cb450187948e2
7208e2e4beb739ae9aded4a207d48cb3572fad5f
92b0423b09aa653ec7326d0aa05dbe137ba452ef21f118c7eb6499a8ccecc8fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12907
x-amzn-requestid: c9f9a619-f0e1-4bc4-af2a-796b16aa1250
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFqF-lIAMFXIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-625e4bab03baa979605f13f8;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kPx_xJAOsrYKWFcHe6JlWILe3jbBtqFuOphGjZALwy4xJC3F2vE2Xw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:57:33 GMT
age: 82009
etag: "7208e2e4beb739ae9aded4a207d48cb3572fad5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb690b8f5503bf4bcf424e58ddb6b8c
eb96120190e3a5c286ac5ec51ee8b163540377fd
c762b17d3e43d773966490d1186ebc352a78d47781c77a4f048e32fee9732b7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: 3f4482cf-98a5-420e-abe7-17fd2d214da0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyxIF3aIAMFWoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe6d-0c1838dc7b4ab4650d54ee56;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RI2PzIKXk_H09T20cGoqTCC1WdRp3S5N6TOBX_lIcEk8wYaCIfCPJw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:08:04 GMT
age: 81378
etag: "eb96120190e3a5c286ac5ec51ee8b163540377fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa5jbj1&sub2=34496&sub3=21&sub4=s8hnpa5jbis&sub5=38577&sub6=156696&sub7=frd&sub8=
172.67.165.172302 Found 0 B URL HTTP/2 m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa5jbj1&sub2=34496&sub3=21&sub4=s8hnpa5jbis&sub5=38577&sub6=156696&sub7=frd&sub8=
IP 172.67.165.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=34496&offer_id=5246&sub1=s8hnpa5jbj1&sub2=34496&sub3=21&sub4=s8hnpa5jbis&sub5=38577&sub6=156696&sub7=frd&sub8= HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 24 Jan 2023 20:44:22 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d04326108c150001497fab&s4=34496
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63d04326108c150001497fab; expires=Wed, 24 Jan 2024 20:44:22 GMT; secure; SameSite=None
afoffers={"5246":1674593062}; expires=Wed, 24 Jan 2024 20:44:22 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNOQdV75HzAkfhcmDIGydOcEfvHJiVwSGBWF96ltTwRa3%2FJy8TdeD3a0q4Yvy3qxF9uY%2Fo5hHC55mC68Oxb1ZOx9xtGsaREEHImfYLIBbrVlbT%2B18YTPtbxesg3EGHhzyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b513822b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 03042628e0cd0f7e8ce20a5b9ec3c156
6fb538b04bb1e9867a56cea7fe50d0bbb0967d97
041ec9f937c1603cc87ed3e6095aca070e1aa8f222eb0cf63ac838c9b022d02a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 20:44:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 28 Jan 2023 19:38:32 GMT
ETag: "6fb538b04bb1e9867a56cea7fe50d0bbb0967d97"
Last-Modified: Tue, 24 Jan 2023 19:38:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78eb9b525a1bb512-OSL
meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d04326108c150001497fab&s4=34496
34.242.116.152302 Found 270 B URL HTTP/1.1 meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d04326108c150001497fab&s4=34496
IP 34.242.116.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 2f5e2c05368207bf3019f2ea76579796
065e21d797f5626bc2abf0df8a3733ad65515e36
f6231926c978a979ee34742d2d3130a4699088d4fa6bfa1159e8fa5b65a35920
GET /?a=16295&c=43694&p=r&s1=&s2=a_63d04326108c150001497fab&s4=34496 HTTP/1.1
Host: meshho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 270
Content-Type: text/html; charset=utf-8
Date: Tue, 24 Jan 2023 20:44:23 GMT
Location: https://toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d04326108c150001497fab&s4=34496&ckmguid=2c847456-e80c-404d-9685-572f69b97b32
Connection: close
ocsp.globalsign.com/alphasslcasha256g4
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.21.226:0
Hash e15c3dc942cf3b670aad9f0ade5e57a6
384367ee96b909bcc8f9dc82234d1affa2d40fbb
13f60cc7b2e9d6d7202561f1d98d10934351c0d5a54811c7728cdb64cf1500f0
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 20:44:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Sat, 28 Jan 2023 19:20:24 GMT
ETag: "384367ee96b909bcc8f9dc82234d1affa2d40fbb"
Last-Modified: Tue, 24 Jan 2023 19:20:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78eb9b563b02b50f-OSL
toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d04326108c150001497fab&s4=34496&ckmguid=2c847456-e80c-404d-9685-572f69b97b32
52.19.202.187302 Found 234 B URL HTTP/1.1 toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d04326108c150001497fab&s4=34496&ckmguid=2c847456-e80c-404d-9685-572f69b97b32
IP 52.19.202.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 6e13e953a067bcd81afd980f344eedc9
c624629ce72a37b9bd2c0863145057158f659dc1
371f16d0f5b80a01d59ff74237e672658d0e092c92baace5a8ac83a0388161c2
GET /?a=16295&c=43694&p=r&s1=&s2=a_63d04326108c150001497fab&s4=34496&ckmguid=2c847456-e80c-404d-9685-572f69b97b32 HTTP/1.1
Host: toomoffr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Tue, 24 Jan 2023 20:44:23 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742357838&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=1ZlT3u5cNA9KyROt4EP/39Qwn2IB2fb0DeMlOeUECtkSBZELr3iCMw==; domain=.toomoffr.com; path=/; HttpOnly
trk=ilgL6KsZf2M5SwftsnhvVtQwn2IB2fb0DeMlOeUECtkSBZELr3iCMw==; domain=.toomoffr.com; expires=Fri, 24-Jan-2025 20:44:23 GMT; path=/; HttpOnly
c36197=1ZlT3u5cNA+HWtQbe/vxpO156A9AFtYOUt6Q9MK3hcdeCUghiDE1Zg==; domain=.toomoffr.com; expires=Thu, 23-Feb-2023 20:44:23 GMT; path=/; HttpOnly
Connection: close
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742357838&source=16295&sum=
18.193.146.82302 Found 0 B URL HTTP/2 bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742357838&source=16295&sum=
IP 18.193.146.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742357838&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 24 Jan 2023 20:44:24 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/032107/n.php?cep=AePlgX0I5obMdd4b2NNsln48GI7fsfHf6aqgXR1sYzFpQGNeGxZr2yIqj3pkLh0xEIkzg0u0tbJyyHog8vfOafF3GibqDFU1e2VJSMAx2LYnPaGG0K3YKYVWs0me5XLZXN-bXLr7Qg6pWBZIr_UYE9HpgA_T1f2YEQ8AbCjOb4HUeuxQFITCvJc_PVKyAXYOmkik9jYZJJOJNvBOABTxAthTrRr93an2OkHlOp6Mh2Yx0y9B6jIHgxn25fvS5hAk8fsgYV3m-f-UhhF_EanYueu7LDBVfEox6_1xBT6bt9MEL5XFsnsJQyJw6tr2eGhu62cHN5xXiNDWa5alRaSz78mwmxKAMwIDIXclzSXHywppjvivAvrQVQnPt1J2RE9Vkdn075Qv_8UGY4q16FFcC0QZ5urbxAHranvJhlJSzgs&lptoken=16d374d05939483b64c0&external_id=36197-742357838&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=_esIOTI-4MMgFimMXMd0oz38ymtZggSpDirBCGXXitw; Max-Age=86400; Expires=Wed, 25-Jan-2023 20:44:24 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=bsygsKBG14Zbh6YX54zi8gWMpueL0VcvPxmOYw6cgyHmY6OW9tQpd-pZ3-B8bmiHIjmssdzsWM4cCDs395hEbOxqCszj2wZRWd6Isy_dCvgWD6oAPyhfLNnONtPVI3eEijo7tF7eyjJU97g6nsYP9jwi76L-8B1NpYtOZ1O7Z3kwWDNxBEjR2W5KcsugOW1OqyjmoWFkcvQEI5sl2Y1yw5QgaY5XAiKwdyArlZQCuk75T83-MDe4eTmOfeHkQ0mrBYscxQEd3__QiUElgnBNFkk1SvJc0D4aWBprz4DrTOmt-qtisduO0ZL53jE7r9aRjVF1xrszuWtPE2DmzBBbS5h0hRnph1ibK_G5lMeg8gDG5-g9JvRzDPNMoEJUVNZTBUj1qC_nvKmL5x4rvTgzta1xu3UMY3ODTt61REVsY58; Max-Age=86400; Expires=Wed, 25-Jan-2023 20:44:24 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/js/config.js
172.67.71.67200 OK 660 B URL HTTP/2 mycasualhookups.com/sl/html/032107/js/config.js
IP 172.67.71.67:0
File type ASCII text, with very long lines (332)
Hash aca87370003f043e7f2d25102401c26c
87a78800a9e39f8fddc28fc76a5328b7ee86c67a
1ad86e29a3a3b3b37cc8eccb719afb026ae8594130b8294fe0411a938321beea
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:24 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Wed, 25 Jan 2023 04:54:36 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:19:29 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 56988
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCxSkFtRfd%2FHOsH8cxxatE5exbSdqLyv%2FnQGbqqezhsYi5DRupMnaRkOs6gnALPWjjibaxDy7aXMpXbPzEsf9pq0CSlbjjp07Orf2lhYzI4EJ%2BLqEE8Jwd28tdSMR8daPVfYmXo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5f7ac2b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
172.67.71.67200 OK 32 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
IP 172.67.71.67:0
File type ASCII text, with very long lines (65451)
Hash b57d66e265f30f37af8e8753afbbaeb5
c66f3c8df247f6c49d2f9522ab1c138357003a89
2badf16d35f2b2c9ac07accfb9a4d5c535af94acb020f1c591ad51ab423cca97
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:24 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Wed, 25 Jan 2023 05:41:08 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 54196
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9wOhxO7K7jnNSmSYn1T4z72dyo%2FEDkJcuClyjfOvdEvJx9eDVkmeZzBOZ5WwkZ2f0IBv6WK40vFpx60M0z5TGaLT%2F6XN695XJqanDdOLqwo%2BgmlDbm3Nkmyht9nTYXUTs2BvM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5f7abbb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/css/style.css
172.67.71.67200 OK 1.4 kB URL HTTP/2 mycasualhookups.com/sl/html/032107/css/style.css
IP 172.67.71.67:0
File type ASCII text, with very long lines (2785), with no line terminators
Hash 5d03b15ae93f44a9bc735c824cf60bd9
1be0bd02b8198d6b63ec96e123329054e825588f
30c8ca300adc6bd8b87a9e008f31e220169ad9dbea763398092b907b9599a0f7
GET /sl/html/032107/css/style.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:24 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=4300
expires: Wed, 25 Jan 2023 04:54:25 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 56999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DKwZy8Gl4TgRG%2BixfjMoGt1OM7QvyylTRrMR8ixrSMybr6z5ErqmjagVSwv23u%2Fi0p2x5nbavFEIVfR4%2BsDH%2BU5UUWt9tZ%2FdQgtMCvR9Dn8ibT%2BoB0aEC1f8CiMjxXEiLlGjbs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5f6aa9b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949
142.250.74.42200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949
IP 142.250.74.42:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js?1508931949 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 20:44:24 GMT
expires: Wed, 24 Jan 2024 20:44:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
172.67.71.67200 OK 6.6 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP 172.67.71.67:0
File type Unicode text, UTF-8 text, with very long lines (17654)
Hash 3fdcab96263a9fa2ce562aed0118b656
0a56c0fde11bb1422385a65acbfc9d4d23ec1c8b
ad029c71489503cc088d2750cf3baf896abc0bbfb00e11ac6c4d9a22d6bb62f4
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:24 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Wed, 25 Jan 2023 05:41:08 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 54196
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqhIkN1pRjdW2h6CeWgkemRDyIWDq2UcO8DwsqpfwMD2M6mJ1JYITzACMfJDwSM1iTff9y336VsN7vFgZ8T5%2BBPHRJwCb4k078I0bd7pUqa9gPVxQCMGagOq7mZSx9r2ar%2FKJW4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5f7ac0b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.api-push.com/get-keys
172.64.163.28204 No Content 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 24 Jan 2023 20:44:25 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uk5XA99zkA7QrvGVdax0xLmnA3FN6VLhfoHyI4Do920VN0OXcQESUisNu0z28xEzRb3p4zKq5BvwEfljVZ5BJyQ%2BGpZByfT5i0gk8PhlmLJPER5LUtxr3TZlSMIgu7CFSmwq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b61088c7725-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/js/jquery.min.js
172.67.71.67200 OK 40 kB URL HTTP/2 mycasualhookups.com/sl/html/032107/js/jquery.min.js
IP 172.67.71.67:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2447)
Hash 8c9e280f69d1770d9523348407d289d1
1148ae0dae99b59e7f68a9eb1707a1f86bb0b487
9cfa63cc56af9fa1a70a7c4f74c23fcb49ba9ad3fb585e41c4396fc647d9108c
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/jquery.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:24 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Wed, 25 Jan 2023 04:54:25 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 56999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXKlZPsic0%2FE1sRpZDcKJlcbUkVZI%2FRE9XWbgMti9FPGvbm23tO2qiPugfXAO%2FwfS9rW6SczPSzrDal5SP69cajUj1%2BqI87ddbwQSGS9Vf0peNM0I2q6qyAhOuyfQhMNQD1il38%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5f6ab0b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
172.64.163.28200 OK 5 B URL HTTP/2 subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP 172.64.163.28:0
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/032107/n.php?cep=AePlgX0I5obMdd4b2NNsln48GI7fsfHf6aqgXR1sYzFpQGNeGxZr2yIqj3pkLh0xEIkzg0u0tbJyyHog8vfOafF3GibqDFU1e2VJSMAx2LYnPaGG0K3YKYVWs0me5XLZXN-bXLr7Qg6pWBZIr_UYE9HpgA_T1f2YEQ8AbCjOb4HUeuxQFITCvJc_PVKyAXYOmkik9jYZJJOJNvBOABTxAthTrRr93an2OkHlOp6Mh2Yx0y9B6jIHgxn25fvS5hAk8fsgYV3m-f-UhhF_EanYueu7LDBVfEox6_1xBT6bt9MEL5XFsnsJQyJw6tr2eGhu62cHN5xXiNDWa5alRaSz78mwmxKAMwIDIXclzSXHywppjvivAvrQVQnPt1J2RE9Vkdn075Qv_8UGY4q16FFcC0QZ5urbxAHranvJhlJSzgs&lptoken=16d374d05939483b64c0&external_id=36197-742357838&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:25 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wm1j5fPLA%2F6de74HSiHuHLeoUP2uHEDhAkiUTwYKihP7%2B6vcGFXbv8Qirqq1oJO9Cnl48%2Fr%2B4sqO9QCwbti%2BvhcJ4bONF9tFlAIpbxXXao%2BVeVYDtP59l8bBBMaDFMzcRu%2F0mvZ6BtOn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b638dd57725-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/main.js?1674593064
172.67.71.67200 OK 52 kB URL HTTP/2 mycasualhookups.com/sl/common/js/main.js?1674593064
IP 172.67.71.67:0
Hash 47288336ae75051e67ce0e9356c9645c
680bd7259c9c6168b4aab558d3b4bdf0fba8bc3b
a136f963b250b19233d6dd764dc290f4fbdfccf44a2d603502e64d65a7af1bdd
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/main.js?1674593064 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:25 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Wed, 25 Jan 2023 20:44:25 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhuzvBpmZDhg2ddMBgktlubOfqCsiVfL2kTuG%2BMSwgQzPVZFsZzxgf5g4JD2%2Bm8AEFEKUyfUwmAxvCARdGBQpy1FF%2B%2FpX6vMafPxyoeT8GW5jXZX%2B1LV7eXZ2ph94jpDiYas3cY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5f7ac7b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/img/top_panel.png
172.67.71.67200 OK 1.2 kB URL HTTP/2 mycasualhookups.com/sl/html/032107/img/top_panel.png
IP 172.67.71.67:0
File type PNG image data, 640 x 63, 8-bit colormap, non-interlaced\012- data
Hash 3d5a8980cd2bd44fdcc440b2b4a7b715
ce08d2573e3193b1cf1ec576bdcb9cc5c01efb18
066fba09681917ca5d2df75ef149c9cb8b7f3e71fd8cb2dbc63f6267af1946ea
GET /sl/html/032107/img/top_panel.png HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/html/032107/css/css.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:25 GMT
content-type: image/png
content-length: 1231
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Wed, 25 Jan 2023 04:54:39 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 56986
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Br%2FidQ9xIr9%2BtqbPqai7P%2Fbq4AOxYfnlYjL3r9ErJ30Sj4ZCw3bxMgLbOxzv7Ch%2F%2FAHtP0bwkd7EpYTwXYLb5owRH0XrH4J6Ye4%2ByxjxPySo1vkARcSp6FFM0eHebpZQAOebfM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78eb9b6469f3b4f1-OSL
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
172.67.71.67200 OK 11 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP 172.67.71.67:0
File type Unicode text, UTF-8 text, with very long lines (23122)
Hash 236814b7c04ae22bef89702a8f3b7e81
82ffab55fd83dcd1954d22d034401fcfb4779b09
517d40b06f4b9d7ac76e6044a0fa3468274aa61a32806e8fabe1163d6502758d
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:24 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Wed, 25 Jan 2023 05:41:08 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 54196
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hw1FfsoA7odUkMnnCcxJU%2BToTpmeKmxT8Q5wwtpKYVvAU5SUSFDPlg%2FdOajYPFJR6gzE%2Bab8grvaNxqQfOGdQDFBdv5tbnNpOqFvdxEWkT4thUD2FUMZUR%2FwZhgoLQRlIgTXofk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5f7abcb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/js/main.js
172.67.71.67404 Not Found 1.8 MB URL HTTP/2 mycasualhookups.com/sl/html/032107/js/main.js
IP 172.67.71.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size 1.8 MB (1787370 bytes)
Hash 5bb4c37d33b4c14808a9338925e3b0d8
6ba4652eb3ed51679c146e3947ee5f58dbbc858c
ea9701b70135d2ec72f1f2421e39960d4addd0f7431480712536d4b25e384a28
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/main.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 24 Jan 2023 20:44:25 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=7200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Onydb%2BckHWGA0VCwPCMIDg1KBkaN032b9p%2Bq6urnxl5GkFhgvYDgnPGOtcTdd%2Fggik52CuV0QWKQfZxwUWxd%2FLI%2BqHriPBNh9I1XW88uivja3rGY7pzyLMmvf0ewHKKunEQr0jg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78eb9b5f7ab6b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 20:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 20:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 20:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 93105
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 20:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4185640-fb99-4630-b465-c5251587ba55.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4185640-fb99-4630-b465-c5251587ba55.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 538f5b944f86cfc1b68f06187558841b
5b5619ecb739f2605b0c77f3e6608249399cb77c
b5e459d4af69cc97c4aaf810654f3d583670e470c82d12a5e8f59c97c97cda11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4185640-fb99-4630-b465-c5251587ba55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5557
x-amzn-requestid: 8573b326-0255-45d0-8e93-eaf4bc0d420f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFUHThIAMFoBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefeee-16c3abdd257b834525087045;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8BWgeONZO6KHihZoI0pfCbH3HXDC3AAlN--ABwaRm0T9V4HP9ogx0g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:04:30 GMT
age: 81599
etag: "5b5619ecb739f2605b0c77f3e6608249399cb77c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/favicon.ico
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/favicon.ico
IP 172.67.71.67:0
GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:26 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 10238544
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxUE0ZLKZzuf2qyPdqj1Jm1AdvU%2FSFFYnHff6J8aVBcwjcKpbOxwwPEwd5t2rM9xDQRH1y8Yv9lV%2BuoJ6NGN%2BFBglTD1TeermE954wcpythGhAkSj%2BUya%2F8OpYDjoiu%2FfRpVOJM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78eb9b66ce38b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnjam.com/cdn/sdialog.min.css?_=4
172.67.166.71200 OK 0 B URL HTTP/2 cdnjam.com/cdn/sdialog.min.css?_=4
IP 172.67.166.71:0
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:26 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rucy8ANn%2B8rWew2OFHe5xzRqDx1qC6ABR5tnayj7wXbHUSgfmEssNwydA1kX7ipWqdVBAhQCnnycUQYFgYNBwtTuupSKof%2FpeVmi1YnPh%2BazpjxyM39QKfIm%2BpTr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b6b8e9eb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/js/langs.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/032107/js/langs.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:24 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=7419
expires: Wed, 25 Jan 2023 04:54:34 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 56990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nR6wNhUNKCR0PrOA6bNYfnnETB23bvzHA67VUv3J8GCLw5xmsPt0DNHdb0GLYWQ3ABZMVk3RcMiktji%2FhDOTK1mE%2BiJJiCERrZbKp6ui16puIynnvldFsOESe5hT0WSWAF3P9%2Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5f7ac1b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/common-langs.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/common-langs.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:24 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Wed, 25 Jan 2023 05:41:09 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 54195
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VqR38ODuAS5fREa0kDF68EmS2nbXKlfeFTW2gSTR8fKT6CpoDRtXE%2Bk1d7WzD08oE4B7PWya9vTX5L72sApxIMD0kAnYpETQJtD4BWywTMF5G2eVncqQnAC6X4v7ypNUnsAOss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5f7ac6b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa5jbis&sub1=38577&sub2=156696&sub3=frd
104.21.81.229302 Found 0 B URL HTTP/2 hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa5jbis&sub1=38577&sub2=156696&sub3=frd
IP 104.21.81.229:0
GET /btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa5jbis&sub1=38577&sub2=156696&sub3=frd HTTP/1.1
Host: hotloveland.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 24 Jan 2023 20:44:22 GMT
content-type: text/html; charset=UTF-8
location: https://m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa5jbj1&sub2=34496&sub3=21&sub4=s8hnpa5jbis&sub5=38577&sub6=156696&sub7=frd&sub8=
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa5jbj1;Expires=Friday, 24-Feb-2023 20:44:22 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2NzQ1OTMwNjJ9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjc0NTkzMDYyfSxcInRpbWVcIjoxNjc0NTkzMDYyfSJ9._ndtzZsf4cUBn1-Vtl3zRnvStiWjLFV595f-VlIMGI4;Expires=Tuesday, 18-Feb-2076 17:28:44 GMT;Max-Age=1674679462;Path=/
_token=uuid_s8hnpa5jbj1_s8hnpa5jbj163d043267c3ce6.72936374;Expires=Friday, 24-Feb-2023 20:44:22 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BwdgSoflfarsVC%2FcKh2h%2BSRCzpDpjevqy%2BqXF448yqzYavlHmOKFZGCtHvzGbPTCsRjz46COIbz3KElBE1SS9%2FrLtuaYi8VZcPaYUnFcYI%2BYx7glOlvpJvl4YDJJHhkiQw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b501ee60b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wkip2ssb7ta3ks4m2cmodonc
104.21.76.186302 Found 0 B URL HTTP/2 winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wkip2ssb7ta3ks4m2cmodonc
IP 104.21.76.186:0
GET /Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=wkip2ssb7ta3ks4m2cmodonc HTTP/1.1
Host: winandlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 24 Jan 2023 20:44:22 GMT
content-type: text/html; charset=UTF-8
location: https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa5jbis&sub1=38577&sub2=156696&sub3=frd
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa5jbis;Expires=Friday, 24-Feb-2023 20:44:22 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQwODI5NFwiOjE2NzQ1OTMwNjIsXCIzMFwiOjE2NzQ1OTMwNjJ9LFwiY2FtcGFpZ25zXCI6e1wiMTU2Njk2XCI6MTY3NDU5MzA2MixcIjFcIjoxNjc0NTkzMDYyfSxcInRpbWVcIjoxNjc0NTkzMDYyfSJ9.V8f6Zy3Gsr0U-UPpwTGBaTHKWpCvnaXgu6WQjvD3A8Q;Expires=Tuesday, 18-Feb-2076 17:28:44 GMT;Max-Age=1674679462;Path=/
_token=uuid_s8hnpa5jbis_s8hnpa5jbis63d043261b2605.24221924;Expires=Friday, 24-Feb-2023 20:44:22 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPHbTGGWC4%2BKECbO5OY%2FgKvj2BqPI3RODGd%2F3CKaqowlUbwlapmIjc%2BzucVdurpXZWfEFEU8KnJOP%2FW2PXM20e7WgWPdME5ZZS5dCrvrxEBvZi8mZuYIG7jwqnbrJFBKNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b4d8eedb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn-dt.fcdn.info/swpush.min.js
104.21.234.86200 OK 0 B URL HTTP/2 cdn-dt.fcdn.info/swpush.min.js
IP 104.21.234.86:0
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:24 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 553429
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piInAp23uB%2B18ErD%2B%2FLHJsrskLqs2MELJ1zd0AY%2B6zmQld8n9CwLNGTVtCNBD%2Fiy%2BBerf3Y%2Bhz48Kk6gLDP4ml%2FeDLjWVxUdgHLaeyXKSnV58UPOT0%2B8lSVOzcnvTgvihzEZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78eb9b601aed72df-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/css/style.css?1674593064
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/css/style.css?1674593064
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/css/style.css?1674593064 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:25 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Wed, 25 Jan 2023 20:44:25 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wi1u%2Bibd64Ua7BZ4hXqkRC%2BOnsYavcMyy%2BPE%2BooWaKMJ3DCiTLjyLBEm5UrvMUGgUmN3NagNZfuABTQl%2F7o0dZhjtcFNGpbsiQQKH0DTSgJpjWDkWeN8Ig7v13DswVO2fkBCrqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5f7ab8b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/n.php?cep=AePlgX0I5obMdd4b2NNsln48GI7fsfHf6aqgXR1sYzFpQGNeGxZr2yIqj3pkLh0xEIkzg0u0tbJyyHog8vfOafF3GibqDFU1e2VJSMAx2LYnPaGG0K3YKYVWs0me5XLZXN-bXLr7Qg6pWBZIr_UYE9HpgA_T1f2YEQ8AbCjOb4HUeuxQFITCvJc_PVKyAXYOmkik9jYZJJOJNvBOABTxAthTrRr93an2OkHlOp6Mh2Yx0y9B6jIHgxn25fvS5hAk8fsgYV3m-f-UhhF_EanYueu7LDBVfEox6_1xBT6bt9MEL5XFsnsJQyJw6tr2eGhu62cHN5xXiNDWa5alRaSz78mwmxKAMwIDIXclzSXHywppjvivAvrQVQnPt1J2RE9Vkdn075Qv_8UGY4q16FFcC0QZ5urbxAHranvJhlJSzgs&lptoken=16d374d05939483b64c0&external_id=36197-742357838&source=16295&sum=
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/032107/n.php?cep=AePlgX0I5obMdd4b2NNsln48GI7fsfHf6aqgXR1sYzFpQGNeGxZr2yIqj3pkLh0xEIkzg0u0tbJyyHog8vfOafF3GibqDFU1e2VJSMAx2LYnPaGG0K3YKYVWs0me5XLZXN-bXLr7Qg6pWBZIr_UYE9HpgA_T1f2YEQ8AbCjOb4HUeuxQFITCvJc_PVKyAXYOmkik9jYZJJOJNvBOABTxAthTrRr93an2OkHlOp6Mh2Yx0y9B6jIHgxn25fvS5hAk8fsgYV3m-f-UhhF_EanYueu7LDBVfEox6_1xBT6bt9MEL5XFsnsJQyJw6tr2eGhu62cHN5xXiNDWa5alRaSz78mwmxKAMwIDIXclzSXHywppjvivAvrQVQnPt1J2RE9Vkdn075Qv_8UGY4q16FFcC0QZ5urbxAHranvJhlJSzgs&lptoken=16d374d05939483b64c0&external_id=36197-742357838&source=16295&sum=
IP 172.67.71.67:0
GET /sl/html/032107/n.php?cep=AePlgX0I5obMdd4b2NNsln48GI7fsfHf6aqgXR1sYzFpQGNeGxZr2yIqj3pkLh0xEIkzg0u0tbJyyHog8vfOafF3GibqDFU1e2VJSMAx2LYnPaGG0K3YKYVWs0me5XLZXN-bXLr7Qg6pWBZIr_UYE9HpgA_T1f2YEQ8AbCjOb4HUeuxQFITCvJc_PVKyAXYOmkik9jYZJJOJNvBOABTxAthTrRr93an2OkHlOp6Mh2Yx0y9B6jIHgxn25fvS5hAk8fsgYV3m-f-UhhF_EanYueu7LDBVfEox6_1xBT6bt9MEL5XFsnsJQyJw6tr2eGhu62cHN5xXiNDWa5alRaSz78mwmxKAMwIDIXclzSXHywppjvivAvrQVQnPt1J2RE9Vkdn075Qv_8UGY4q16FFcC0QZ5urbxAHranvJhlJSzgs&lptoken=16d374d05939483b64c0&external_id=36197-742357838&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:24 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Tue, 24 Jan 2023 20:49:24 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azaedUvBPhSK3rGfSY5dTfe6T8baRZFzmKJ7ONXpeqnIcR%2ByKNhw6Rm%2FHTqhRh6so2ij3Wkopnd1M8%2BlB0qUds6EEE3OVmrB3aWqoBFMB4P3udbUQNvnKdQYr9gSCG3gmYMF71s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5a8b9bb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/css/css.css
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/032107/css/css.css
IP 172.67.71.67:0
GET /sl/html/032107/css/css.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:24 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=9103
expires: Wed, 25 Jan 2023 04:54:25 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 56999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0Qnlq4bjSl%2FWmkv%2F92UjCL6VJsA4lUT09H6vnPHunQa%2BSbTeGQb8q4vHDTlMANq8hftxT8XShK1XbBB371DrR9sTFIaOxzWW5qEZ794zfgK%2BFcQ6PDv4fIoKOszPIQsOK4boqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b5f6aacb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
alia-iso.com/zcvisitor/e0871488-9c27-11ed-b1b6-0a1227e460d5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
35.172.34.123200 OK 0 B URL HTTP/2 alia-iso.com/zcvisitor/e0871488-9c27-11ed-b1b6-0a1227e460d5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
IP 35.172.34.123:0
GET /zcvisitor/e0871488-9c27-11ed-b1b6-0a1227e460d5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51 HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://revistablanca.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:21 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: LIBlBYoQ
X-Firefox-Spdy: h2
mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/privacy-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:25 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjLiMfBKRrjJWy%2FfQZZId4aaKapnCeXnTTkwG6gUkylk%2FOOWa%2BtZl6C5dITm5wKrRQtIXlOgUFIjcuHcLgaDgLIwl%2Bfr%2Biq14NkTZajCp1AkA415hC%2BWXcgLjSjqGxgw%2BTKAMcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78eb9b667df0b4f1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 26 Jan 2023 20:44:25 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/cookies-policy.html
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/cookies-policy.html
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/cookies-policy.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 20:44:26 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Tue, 24 Jan 2023 20:49:26 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZK9hxPe9lcyr%2BSQAY2SYKWPI57Mp4hyZN%2FxI2ewMBfi1JcTM6B6QExC2IWX%2FBEIIgaxL9eB3u6mdYa5oK7%2BRf6A0dzfe7RQmHXOLbwLoib6lRqfLIj0oqyzj47OXDni8XMW5o0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78eb9b6469ccb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2