Report - fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede

Report Overview

Submitted URL
fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g
IP
151.101.66.159
ASN
#54113 FASTLY
Submitted
2023-03-17 21:30:25
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-25T22:19:37Z	507 B	14 kB	216.58.207.227
fressh.fr	unknown	2019-12-26T22:21:00Z	2023-03-20T06:04:30Z	928 B	1.6 kB	151.101.66.159
png.monster	unknown	2020-03-11T13:09:42Z	2023-03-17T23:37:08Z	414 B	19 kB	170.130.40.160
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	1.0 kB	2.1 kB	142.250.74.131
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-26T06:22:54Z	409 B	1.6 kB	142.250.74.74
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-26T05:09:32Z	368 B	1.9 kB	104.18.20.226
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	50 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	3.4 kB	8.9 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	54.203.233.147
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
rainbowhookup.com	unknown	2022-11-26T16:20:41Z	2023-03-24T15:46:05Z	1.3 kB	2.1 kB	46.161.40.116
www.hugshub.life	unknown	2023-03-11T14:35:00Z	2023-03-26T01:34:55Z	16 kB	135 kB	178.162.199.80
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-25T18:16:23Z	417 B	2.3 kB	151.101.65.229
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-26T05:11:14Z	402 B	31 kB	69.16.175.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-17 21:30:16	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-03-17 21:30:16	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-17	medium	rainbowhookup.com/hookup1/index.html	Phishing
2023-03-17	medium	rainbowhookup.com/hookup1/redirect.js	Phishing
2023-03-17	medium	www.hugshub.life/s/62cf1c2230951	Phishing
2023-03-17	medium	www.hugshub.life/bundle/812/assets/js/functions.js	Phishing
2023-03-17	medium	www.hugshub.life/js/click.js?9	Phishing
2023-03-17	medium	www.hugshub.life/js/fp2.min.js	Phishing
2023-03-17	medium	www.hugshub.life/bundle/812/assets/images/v1.mp4	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	www.hugshub.life/js/click.js?9	6.4 kB	2023-03-13	2023-03-26
Pretty URL www.hugshub.life/js/click.js?9 IP 178.162.199.80 ASN #28753 Leaseweb Deutschland GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:53:45 Last Seen2023-03-26 13:23:34 Times Seen67 Hash b5854bc72fe9d6347725baca222138c4 a2513361e42e33ffbd63a8c9e4094be69143f3ae b9f1c39a20a76c81597029e11b2592c3ab1f7f90234a08f9eaab5bb0555d5cbc Loading...

	www.hugshub.life/js/fp2.min.js	31 kB	2023-03-07	2024-04-21
Pretty URL www.hugshub.life/js/fp2.min.js IP 178.162.199.80 ASN #28753 Leaseweb Deutschland GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:35 Last Seen2024-04-21 17:10:04 Times Seen1338 Hash e7d6b85edb141824af8951e19333337c 76600b2cb1978ca24d9fe39b1412f052da855ddb 6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e Loading...

	rainbowhookup.com/hookup1/redirect.js	521 B	2023-03-26	2023-03-26
Pretty URL rainbowhookup.com/hookup1/redirect.js IP 46.161.40.116 ASN #209272 Alviva Holding Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 08:13:47 Last Seen2023-03-26 08:59:45 Times Seen8 Hash d9d8a378f19166db02ceff3f685ac678 bdc0c027bc5de1ed93b07bc9703192d2070e0cde d8bd48a5bd33e2df1f487657083aa35e049066e7682d1cfc3db5c1997c3f6173 Loading...

	code.jquery.com/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-23
Pretty URL code.jquery.com/jquery-3.3.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-23 21:43:07 Times Seen105736 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js	3.1 kB	2023-03-13	2024-03-03
Pretty URL cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:54:31 Last Seen2024-03-03 14:23:17 Times Seen51 Hash 54c5feb9068b48f86bbb5dfee70b37ec ae4d76007a1046ff04f54731850c233d51d573af 011aefbda7751bf283a0a16c869bb14d49d2ecfa767ae161c6db3a1eda0336e4 Loading...

	www.hugshub.life/bundle/812/assets/js/functions.js	754 B	2023-03-26	2024-03-03
Pretty URL www.hugshub.life/bundle/812/assets/js/functions.js IP 178.162.199.80 ASN #28753 Leaseweb Deutschland GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 08:56:24 Last Seen2024-03-03 14:23:17 Times Seen5 Hash 72c89fc242792d00d123b17a27042f45 34a3c5a5ffc54c41b51c2dc64a94077f17e51f43 962a67baba919fcbc5dbfca75742e7855a3afef4d250829c3b8e02007e1294e2 Loading...

	www.hugshub.life/s/62cf1c2230951	800 B	2023-03-07	2023-07-04
Pretty URL www.hugshub.life/s/62cf1c2230951 IP 178.162.199.80 ASN #28753 Leaseweb Deutschland GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:35 Last Seen2023-07-04 23:44:10 Times Seen218 Hash 95d0345d30a683b55552f88523905902 5c3b20ccc0817febdb27ee12d273c2021e4ba04c 06f49d481b230265f1c45b6e00bbe0a21181c79b2ceefee8b54202fa2ffc6055 Loading...

	www.hugshub.life/s/62cf1c2230951	111 B	2023-03-26	2023-03-26
Pretty URL www.hugshub.life/s/62cf1c2230951 IP 178.162.199.80 ASN #28753 Leaseweb Deutschland GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 08:56:24 Last Seen2023-03-26 08:56:24 Times Seen1 Hash 260df861d4eb9bd00cfe9d97a70aa845 79ce0495d81e3579f79d38c729a356fcfb216c79 9b9b3d26e793456f03189ea2b5e7e8aa0900e24e8ccfcb9cccbc3f3ac5102dba Loading...

HTTP Transactions (44)

URL IP Response Size

fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g

151.101.66.159

301 Moved Permanently

162 B

URL HTTP/1.1
fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g
IP
151.101.66.159:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g HTTP/1.1
Host: fressh.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: e5fmlg1e1r
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Fri, 17 Mar 2023 21:30:15 GMT
X-Served-By: cache-bma1636-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1679088615.015894,VS0,VE1
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2656
Expires: Fri, 17 Mar 2023 22:14:31 GMT
Date: Fri, 17 Mar 2023 21:30:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
443a700f85619f4fd8a548421c5c23e2
a58764a07feafb2bb4b340c020b5104c55b35195
0bc80613f3d493ea081bf5672ab76f6f33a1dcc0710fe1431de83c46d7e8d31d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC80613F3D493EA081BF5672AB76F6F33A1DCC0710FE1431DE83C46D7E8D31D"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10551
Expires: Sat, 18 Mar 2023 00:26:06 GMT
Date: Fri, 17 Mar 2023 21:30:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 17 Mar 2023 21:26:47 GMT
content-type: application/json
age: 208
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
003080c91d03081096b019a53f63a8e9
b3d742e037ae313261033338d05d8155f1bf7e6b
d64a58d2f2bca32cb33f6fb8581978238ffa9919a3b2ffb4ce056a57fb7c9917

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D64A58D2F2BCA32CB33F6FB8581978238FFA9919A3B2FFB4CE056A57FB7C9917"
Last-Modified: Wed, 15 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12500
Expires: Sat, 18 Mar 2023 00:58:35 GMT
Date: Fri, 17 Mar 2023 21:30:15 GMT
Connection: keep-alive

fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g

151.101.66.159

200 OK

119 B

URL HTTP/2
fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g
IP
151.101.66.159:0
ASN
#54113 FASTLY

File type
HTML document, ASCII text
Size
119 B (119 bytes)
Hash
4c2cc5566e049cd400a66ad4d66d290c
cc8e59bcd06a00361128c0f668a011db4e555f32
935cd80df8ad7d9a41979dfc869f8c906e5eccf4066f7d02fefa53b7301ad834

HTTP Headers

GET /wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g HTTP/1.1
Host: fressh.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
last-modified: Wed, 08 Mar 2023 22:11:06 GMT
etag: W/"640907fa-73"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: e5fmlg1e1r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 17 Mar 2023 21:30:15 GMT
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1679088615.207984,VS0,VE2
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 119
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 9s40hOkimPV6zJ+ORWBEKE2q8aNR4GrbcVFJ2XJQ0NE0UNSCvbT+BY5zsrBMYQ0tXxMojh+sRWw=
x-amz-request-id: TK2B92SH4DDYXB32
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 17 Mar 2023 20:57:35 GMT
age: 1960
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 21:30:15 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

rainbowhookup.com/hookup1/index.html

46.161.40.116

200 OK

145 B

URL HTTP/1.1
rainbowhookup.com/hookup1/index.html
IP
46.161.40.116:0
ASN
#209272 Alviva Holding Limited

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
145 B (145 bytes)
Hash
53003b49c7124040b08079b4e8354c7e
40ca43a51bdb48b118701dd366e06fe6f9bc9731
377f055292fa60d8aab5f7ed614573c77fe7d23e48a66e42f138af9b2bf7c3ab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /hookup1/index.html HTTP/1.1
Host: rainbowhookup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 21:30:15 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 15 Mar 2023 14:12:14 GMT
ETag: "bc-5f6f0ee4a8b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 145
Keep-Alive: timeout=2, max=100
Content-Type: text/html

rainbowhookup.com/hookup1/style.css

46.161.40.116

200 OK

142 B

URL HTTP/1.1
rainbowhookup.com/hookup1/style.css
IP
46.161.40.116:0
ASN
#209272 Alviva Holding Limited

File type
ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
591020de79cb492e2d0f03ac2cdda629
e875b8eb3de6f4e2370cc36e44a7af1275098969
6e6b667b1c6eb80802b079e06b6f92f6284b113098b7be8365651714ff90d71a

HTTP Headers

GET /hookup1/style.css HTTP/1.1
Host: rainbowhookup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowhookup.com/hookup1/index.html

HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 21:30:15 GMT
Server: Apache/2
Last-Modified: Tue, 14 Mar 2023 22:12:58 GMT
ETag: "c2-5f6e387afae80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 142
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css

rainbowhookup.com/hookup1/redirect.js

46.161.40.116

200 OK

339 B

URL HTTP/1.1
rainbowhookup.com/hookup1/redirect.js
IP
46.161.40.116:0
ASN
#209272 Alviva Holding Limited

File type
ASCII text, with CRLF line terminators
Size
339 B (339 bytes)
Hash
ea7d0223231ba3ef2891eb02968bc5ff
f933c4d4483079d595b942bfac5e933f600c67a4
7314bc11c9a6b610131be0455eb5622e7eea4561b4ed2b7f4147ad9c5436bdd7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /hookup1/redirect.js HTTP/1.1
Host: rainbowhookup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowhookup.com/hookup1/index.html

HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 21:30:15 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 16 Mar 2023 13:54:08 GMT
ETag: "209-5f704cb66e000-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 339
Keep-Alive: timeout=2, max=100
Content-Type: application/javascript

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Pragma, Content-Type, Content-Length, Cache-Control, Expires, Backoff, Alert, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 17 Mar 2023 21:14:32 GMT
age: 943
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

rainbowhookup.com/favicon.ico

46.161.40.116

404 Not Found

200 B

URL HTTP/1.1
rainbowhookup.com/favicon.ico
IP
46.161.40.116:0
ASN
#209272 Alviva Holding Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
200 B (200 bytes)
Hash
74e53b854c829f27b99eb3700dd7cd60
721d8d7b5162ee609a37c45f341dab5ff3e46cbd
50782c0a554d9f6847bf5620f692b8fe29dab5601af5d85f7cbdd8ce6d55c851

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rainbowhookup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowhookup.com/hookup1/index.html

HTTP/1.1 404 Not Found
Date: Fri, 17 Mar 2023 21:30:15 GMT
Server: Apache/2
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 200
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
70f795f7a73fb087a4b08eebe6e2a970
faaa9283e766256900f3c3e00dee00973e7da2a6
4f7e4813f82f60ebf9c536d9342726307686931df7309a4c367f3b658602efde

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F7E4813F82F60EBF9C536D9342726307686931DF7309A4C367F3B658602EFDE"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4044
Expires: Fri, 17 Mar 2023 22:37:39 GMT
Date: Fri, 17 Mar 2023 21:30:15 GMT
Connection: keep-alive

push.services.mozilla.com/

54.203.233.147

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.203.233.147:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2Og10E3TJBpmAt52eJUj5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZDz3ZpMGZBRmgThPVGEx/8z6byc=

png.monster/wp-content/uploads/2021/06/png.monster-12.png

170.130.40.160

200 OK

19 kB

URL HTTP/2
png.monster/wp-content/uploads/2021/06/png.monster-12.png
IP
170.130.40.160:0
ASN
#62904 AS62904

File type
RIFF (little-endian) data, Web/P image\012- data
Size
19 kB (18762 bytes)
Hash
35b55623fc0f1329f74bd5b3dbda21df
9f836420c21161aed9f5ddaca301efade997d8f8
9897a309d70ad90203f2863ca2e36922f9851341bf9cfd269e9801b99f0f1106

HTTP Headers

GET /wp-content/uploads/2021/06/png.monster-12.png HTTP/1.1
Host: png.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowhookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 21:30:16 GMT
content-type: image/webp
content-length: 18762
last-modified: Sun, 27 Jun 2021 19:10:17 GMT
etag: "60d8cd19-494a"
expires: Sun, 16 Apr 2023 21:30:16 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
071e1e0f583d6ccd2ca20d98f43e375f
72f3d0f399509f9972b19c740bdf4e945a3d6247
1c9f99cad01369bedc4f91b05ac62df77fef17537cb4eda8d0134f009bbe4b75

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C9F99CAD01369BEDC4F91B05AC62DF77FEF17537CB4EDA8D0134F009BBE4B75"
Last-Modified: Thu, 16 Mar 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5933
Expires: Fri, 17 Mar 2023 23:09:09 GMT
Date: Fri, 17 Mar 2023 21:30:16 GMT
Connection: keep-alive

www.hugshub.life/s/62cf1c2230951

178.162.199.80

200 OK

2.2 kB

URL HTTP/1.1
www.hugshub.life/s/62cf1c2230951
IP
178.162.199.80:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321)
Size
2.2 kB (2238 bytes)
Hash
7387d128a15d7a1bc0b7a8862b997f75
2326b9f22dabe29ac3a7aa887c7ea7e454b8a64f
0a53304ff0b9b92e001724816e368ec29696521d46a0d395fae54b154b38aa51

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /s/62cf1c2230951 HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowhookup.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: s=tO2fOeF2Q%2FxIKzURiY2EVZUzj2deq%2FxWms0RWfPNjT7zjqaZR5QAnOrpD80sYKFhG0I5kz485nXPejhAR%2BerZyB%2BNvmRHptV%2BTS4d6yb1vNlKQkSJa%2BW8tahXjzp6oDYAPEy4l3jhI%2Bw0t%2FincrQnIj0lLQtDOlP0%2FgC0%2F1vPcAPYLKPNOCXm4kbt1CTkevysi4OCu%2FDArguwaDmrli6EEvXIh2UlThW328CdgDA%2FW1A88DXYlFRhS%2BX0Ty4wwglEYkeP3TtN65BQMJuPf1lffiKFv1Sd%2By422jmQd%2BtZ8Mm3aJ2UJImjn85MrREPd1oe44rgduFNLx5Qvn2KAvrIlB80umbaz%2BmGF74a%2FBum01NODzXqdowX%2FS1yW5RQ%2BPIPP9goumThzAV05O9xGStf1l0rqIYfNTaqp5ibuSALR99CiW8Rw6%2BKkbs2DIsuw923S%2B%2FF5M6jTLSpt1w4rVkRG02niJ%2B%2FBb6A94CnfoTAKYoF7wkFEnZ%2BTVe883T0mZWeir0w8AYswX38of12J14wJ5K69BS6%2BP4S1%2FgnevN95Nd%2B7yROAfxdEZEG1Bq1s3xYfKEJNbw0jiPikOnwoxsJPttzWzwhJblmCxgDq1cW778aWt7zuNk%2FOrvyXSdXk0qwVTAIDoSPRFjS9GupNRhuIlkCCjIGuzmYpnR9u1X%2B%2B9SGvYi7R9Zf0JRSQEe%2FbS9a5ZyODCTOW8m7X8uHlBsycEy8zbixtc1KLvmWeYJmG1Ge5jW7UsmpXYkjuRQ8kKSq3JQRuf0NR%2F%2BqV1W0nWshQyVBq8lowQpb%2FPypxWsOppfJlJnehh5FufqhfFBDdu6rujDnIDkbTxiFLMCW67QKLdrot%2B0dkKRHO5Tkv9Fs4aA1h7bNwnEaVPSXb%2FDSpWG1r%2FKkoMcv4PS2Wxu80ZJyHWjBVy0aF3AVqubK%2B9fpw85htuSFw4NJGjZ0OrQPux45O0C5ZfOASkggjlxUUwPsBvDGZlGAdmN9l%2BE%2B7Nt4U0wc9Jxz2vdrPt7ysSWTqp6JxasIiVkwXkBy1zbHitJ4Bfw959j%2BqwQ7b0JrffCnsJTfu7d9bmAxtJssvWRxoEOf1LoAkvszHaJDT%2BZzpej%2BNzlJKwQq7Z3phr%2Bybf9fh2otK7Otj1EVvB591SA7cU%2F2lALoAA8k%2FTdNCRaZlXQIVUi5oTB7Bsv0T%2F3Wd%2BAcxsayIHHMDf%2F9SEg6sjBf%2Bthy4dtvauTWYxujRtG0Qo2Lek0wdqOlqZx4iZPfGOjdI8AHhaidRE9zNgPybGQt3yU1T8mMYERK6QEtMn%2FH3QgzvY60VNjqpX7quAEkXoNMrXmwDO5X7BLcS7IxmEFmL9FdhqD36rJFisLqWswAQjBDunqkXZ1QttRFwELXEhwExfBYMO9eOZvDswmnvRl7gZKk3xe12eBFZYVEfLyKikiMxSm91xjiYeSClf29jjcXU%2Bz2Ebqm0%2B7hRT8PdaXDV0c7TmTKPl8kU6%2FhuKxRw%2B2Oatt2TYPJptHd2o7ufRK3ga0LQomgrzi8tv%2BrfunruXi00QRX09xLE%2BaAZSQro10Rw2nXVS%2Br5TncrW9lyJe62TfQyvcmz61xKYRJWXgyvhds%2FHOSYDan2hCrVpjWQyGYGm7k3XlNUghl1xPoHwA53zeF%2Fwu966OYAwTUaTRwwgzNaSqWWb%2FPvfBAvoGU6GdYQ%3D%3D; expires=Sat, 18-Mar-2023 21:30:17 GMT; Max-Age=86400; path=/; domain=hugshub.life
SID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=hugshub.life
ESID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=hugshub.life
Content-Encoding: gzip

www.hugshub.life/bundle/812/assets/css/style.css

178.162.199.80

200 OK

8.8 kB

URL HTTP/1.1
www.hugshub.life/bundle/812/assets/css/style.css
IP
178.162.199.80:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
ASCII text, with CRLF line terminators
Size
8.8 kB (8841 bytes)
Hash
9e738c328cfc2625f9840d1b4c52b524
14e5febbaeb61227b5c996efd81bf2f73f2df793
29d9d65e863856bbcd8d70cb5c1f05f5c1777c1b7667ed6a5f65f7dc9f43b5b7

HTTP Headers

GET /bundle/812/assets/css/style.css HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Cookie: s=tO2fOeF2Q%2FxIKzURiY2EVZUzj2deq%2FxWms0RWfPNjT7zjqaZR5QAnOrpD80sYKFhG0I5kz485nXPejhAR%2BerZyB%2BNvmRHptV%2BTS4d6yb1vNlKQkSJa%2BW8tahXjzp6oDYAPEy4l3jhI%2Bw0t%2FincrQnIj0lLQtDOlP0%2FgC0%2F1vPcAPYLKPNOCXm4kbt1CTkevysi4OCu%2FDArguwaDmrli6EEvXIh2UlThW328CdgDA%2FW1A88DXYlFRhS%2BX0Ty4wwglEYkeP3TtN65BQMJuPf1lffiKFv1Sd%2By422jmQd%2BtZ8Mm3aJ2UJImjn85MrREPd1oe44rgduFNLx5Qvn2KAvrIlB80umbaz%2BmGF74a%2FBum01NODzXqdowX%2FS1yW5RQ%2BPIPP9goumThzAV05O9xGStf1l0rqIYfNTaqp5ibuSALR99CiW8Rw6%2BKkbs2DIsuw923S%2B%2FF5M6jTLSpt1w4rVkRG02niJ%2B%2FBb6A94CnfoTAKYoF7wkFEnZ%2BTVe883T0mZWeir0w8AYswX38of12J14wJ5K69BS6%2BP4S1%2FgnevN95Nd%2B7yROAfxdEZEG1Bq1s3xYfKEJNbw0jiPikOnwoxsJPttzWzwhJblmCxgDq1cW778aWt7zuNk%2FOrvyXSdXk0qwVTAIDoSPRFjS9GupNRhuIlkCCjIGuzmYpnR9u1X%2B%2B9SGvYi7R9Zf0JRSQEe%2FbS9a5ZyODCTOW8m7X8uHlBsycEy8zbixtc1KLvmWeYJmG1Ge5jW7UsmpXYkjuRQ8kKSq3JQRuf0NR%2F%2BqV1W0nWshQyVBq8lowQpb%2FPypxWsOppfJlJnehh5FufqhfFBDdu6rujDnIDkbTxiFLMCW67QKLdrot%2B0dkKRHO5Tkv9Fs4aA1h7bNwnEaVPSXb%2FDSpWG1r%2FKkoMcv4PS2Wxu80ZJyHWjBVy0aF3AVqubK%2B9fpw85htuSFw4NJGjZ0OrQPux45O0C5ZfOASkggjlxUUwPsBvDGZlGAdmN9l%2BE%2B7Nt4U0wc9Jxz2vdrPt7ysSWTqp6JxasIiVkwXkBy1zbHitJ4Bfw959j%2BqwQ7b0JrffCnsJTfu7d9bmAxtJssvWRxoEOf1LoAkvszHaJDT%2BZzpej%2BNzlJKwQq7Z3phr%2Bybf9fh2otK7Otj1EVvB591SA7cU%2F2lALoAA8k%2FTdNCRaZlXQIVUi5oTB7Bsv0T%2F3Wd%2BAcxsayIHHMDf%2F9SEg6sjBf%2Bthy4dtvauTWYxujRtG0Qo2Lek0wdqOlqZx4iZPfGOjdI8AHhaidRE9zNgPybGQt3yU1T8mMYERK6QEtMn%2FH3QgzvY60VNjqpX7quAEkXoNMrXmwDO5X7BLcS7IxmEFmL9FdhqD36rJFisLqWswAQjBDunqkXZ1QttRFwELXEhwExfBYMO9eOZvDswmnvRl7gZKk3xe12eBFZYVEfLyKikiMxSm91xjiYeSClf29jjcXU%2Bz2Ebqm0%2B7hRT8PdaXDV0c7TmTKPl8kU6%2FhuKxRw%2B2Oatt2TYPJptHd2o7ufRK3ga0LQomgrzi8tv%2BrfunruXi00QRX09xLE%2BaAZSQro10Rw2nXVS%2Br5TncrW9lyJe62TfQyvcmz61xKYRJWXgyvhds%2FHOSYDan2hCrVpjWQyGYGm7k3XlNUghl1xPoHwA53zeF%2Fwu966OYAwTUaTRwwgzNaSqWWb%2FPvfBAvoGU6GdYQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: text/css
Content-Length: 8841
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:45:29 GMT
Vary: Accept-Encoding
ETag: "636fa379-2289"
Accept-Ranges: bytes

www.hugshub.life/bundle/812/assets/js/functions.js

178.162.199.80

200 OK

754 B

URL HTTP/1.1
www.hugshub.life/bundle/812/assets/js/functions.js
IP
178.162.199.80:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
ASCII text, with CRLF line terminators
Size
754 B (754 bytes)
Hash
72c89fc242792d00d123b17a27042f45
34a3c5a5ffc54c41b51c2dc64a94077f17e51f43
962a67baba919fcbc5dbfca75742e7855a3afef4d250829c3b8e02007e1294e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bundle/812/assets/js/functions.js HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Cookie: s=tO2fOeF2Q%2FxIKzURiY2EVZUzj2deq%2FxWms0RWfPNjT7zjqaZR5QAnOrpD80sYKFhG0I5kz485nXPejhAR%2BerZyB%2BNvmRHptV%2BTS4d6yb1vNlKQkSJa%2BW8tahXjzp6oDYAPEy4l3jhI%2Bw0t%2FincrQnIj0lLQtDOlP0%2FgC0%2F1vPcAPYLKPNOCXm4kbt1CTkevysi4OCu%2FDArguwaDmrli6EEvXIh2UlThW328CdgDA%2FW1A88DXYlFRhS%2BX0Ty4wwglEYkeP3TtN65BQMJuPf1lffiKFv1Sd%2By422jmQd%2BtZ8Mm3aJ2UJImjn85MrREPd1oe44rgduFNLx5Qvn2KAvrIlB80umbaz%2BmGF74a%2FBum01NODzXqdowX%2FS1yW5RQ%2BPIPP9goumThzAV05O9xGStf1l0rqIYfNTaqp5ibuSALR99CiW8Rw6%2BKkbs2DIsuw923S%2B%2FF5M6jTLSpt1w4rVkRG02niJ%2B%2FBb6A94CnfoTAKYoF7wkFEnZ%2BTVe883T0mZWeir0w8AYswX38of12J14wJ5K69BS6%2BP4S1%2FgnevN95Nd%2B7yROAfxdEZEG1Bq1s3xYfKEJNbw0jiPikOnwoxsJPttzWzwhJblmCxgDq1cW778aWt7zuNk%2FOrvyXSdXk0qwVTAIDoSPRFjS9GupNRhuIlkCCjIGuzmYpnR9u1X%2B%2B9SGvYi7R9Zf0JRSQEe%2FbS9a5ZyODCTOW8m7X8uHlBsycEy8zbixtc1KLvmWeYJmG1Ge5jW7UsmpXYkjuRQ8kKSq3JQRuf0NR%2F%2BqV1W0nWshQyVBq8lowQpb%2FPypxWsOppfJlJnehh5FufqhfFBDdu6rujDnIDkbTxiFLMCW67QKLdrot%2B0dkKRHO5Tkv9Fs4aA1h7bNwnEaVPSXb%2FDSpWG1r%2FKkoMcv4PS2Wxu80ZJyHWjBVy0aF3AVqubK%2B9fpw85htuSFw4NJGjZ0OrQPux45O0C5ZfOASkggjlxUUwPsBvDGZlGAdmN9l%2BE%2B7Nt4U0wc9Jxz2vdrPt7ysSWTqp6JxasIiVkwXkBy1zbHitJ4Bfw959j%2BqwQ7b0JrffCnsJTfu7d9bmAxtJssvWRxoEOf1LoAkvszHaJDT%2BZzpej%2BNzlJKwQq7Z3phr%2Bybf9fh2otK7Otj1EVvB591SA7cU%2F2lALoAA8k%2FTdNCRaZlXQIVUi5oTB7Bsv0T%2F3Wd%2BAcxsayIHHMDf%2F9SEg6sjBf%2Bthy4dtvauTWYxujRtG0Qo2Lek0wdqOlqZx4iZPfGOjdI8AHhaidRE9zNgPybGQt3yU1T8mMYERK6QEtMn%2FH3QgzvY60VNjqpX7quAEkXoNMrXmwDO5X7BLcS7IxmEFmL9FdhqD36rJFisLqWswAQjBDunqkXZ1QttRFwELXEhwExfBYMO9eOZvDswmnvRl7gZKk3xe12eBFZYVEfLyKikiMxSm91xjiYeSClf29jjcXU%2Bz2Ebqm0%2B7hRT8PdaXDV0c7TmTKPl8kU6%2FhuKxRw%2B2Oatt2TYPJptHd2o7ufRK3ga0LQomgrzi8tv%2BrfunruXi00QRX09xLE%2BaAZSQro10Rw2nXVS%2Br5TncrW9lyJe62TfQyvcmz61xKYRJWXgyvhds%2FHOSYDan2hCrVpjWQyGYGm7k3XlNUghl1xPoHwA53zeF%2Fwu966OYAwTUaTRwwgzNaSqWWb%2FPvfBAvoGU6GdYQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: application/javascript
Content-Length: 754
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:45:30 GMT
Vary: Accept-Encoding
ETag: "636fa37a-2f2"
Accept-Ranges: bytes

cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js

151.101.65.229

200 OK

1.5 kB

URL HTTP/2
cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2760)
Size
1.5 kB (1527 bytes)
Hash
30dde27cc04fd354f8c23360ccb4db86
85c0406c2257108e7998bbbcaedfb1c73be7c769
fea9872472c31c5d56ba8901cb7cdb631f416bd6c879066cdfd592f7c6005cc4

HTTP Headers

GET /npm/jquery-background-video@1.1.0/jquery.background-video.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.1.0
x-jsd-version-type: version
etag: W/"c2c-rk12AHoQRv8E9UcxhQwjPVHVc68"
content-encoding: br
accept-ranges: bytes
date: Fri, 17 Mar 2023 21:30:17 GMT
age: 203426
x-served-by: cache-fra-eddf8230132-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1527
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.3.1.min.js

69.16.175.10

200 OK

30 kB

URL HTTP/2
code.jquery.com/jquery-3.3.1.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
30 kB (30288 bytes)
Hash
d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44

HTTP Headers

GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hugshub.life
Connection: keep-alive
Referer: https://www.hugshub.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 17 Mar 2023 21:30:17 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1679088617.dop219.sk1.t,1679088617.cds249.sk1.hn,1679088617.cds240.sk1.c
X-Firefox-Spdy: h2

www.hugshub.life/js/click.js?9

178.162.199.80

200 OK

6.4 kB

URL HTTP/1.1
www.hugshub.life/js/click.js?9
IP
178.162.199.80:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
ASCII text
Size
6.4 kB (6404 bytes)
Hash
b5854bc72fe9d6347725baca222138c4
a2513361e42e33ffbd63a8c9e4094be69143f3ae
b9f1c39a20a76c81597029e11b2592c3ab1f7f90234a08f9eaab5bb0555d5cbc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/click.js?9 HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Cookie: s=tO2fOeF2Q%2FxIKzURiY2EVZUzj2deq%2FxWms0RWfPNjT7zjqaZR5QAnOrpD80sYKFhG0I5kz485nXPejhAR%2BerZyB%2BNvmRHptV%2BTS4d6yb1vNlKQkSJa%2BW8tahXjzp6oDYAPEy4l3jhI%2Bw0t%2FincrQnIj0lLQtDOlP0%2FgC0%2F1vPcAPYLKPNOCXm4kbt1CTkevysi4OCu%2FDArguwaDmrli6EEvXIh2UlThW328CdgDA%2FW1A88DXYlFRhS%2BX0Ty4wwglEYkeP3TtN65BQMJuPf1lffiKFv1Sd%2By422jmQd%2BtZ8Mm3aJ2UJImjn85MrREPd1oe44rgduFNLx5Qvn2KAvrIlB80umbaz%2BmGF74a%2FBum01NODzXqdowX%2FS1yW5RQ%2BPIPP9goumThzAV05O9xGStf1l0rqIYfNTaqp5ibuSALR99CiW8Rw6%2BKkbs2DIsuw923S%2B%2FF5M6jTLSpt1w4rVkRG02niJ%2B%2FBb6A94CnfoTAKYoF7wkFEnZ%2BTVe883T0mZWeir0w8AYswX38of12J14wJ5K69BS6%2BP4S1%2FgnevN95Nd%2B7yROAfxdEZEG1Bq1s3xYfKEJNbw0jiPikOnwoxsJPttzWzwhJblmCxgDq1cW778aWt7zuNk%2FOrvyXSdXk0qwVTAIDoSPRFjS9GupNRhuIlkCCjIGuzmYpnR9u1X%2B%2B9SGvYi7R9Zf0JRSQEe%2FbS9a5ZyODCTOW8m7X8uHlBsycEy8zbixtc1KLvmWeYJmG1Ge5jW7UsmpXYkjuRQ8kKSq3JQRuf0NR%2F%2BqV1W0nWshQyVBq8lowQpb%2FPypxWsOppfJlJnehh5FufqhfFBDdu6rujDnIDkbTxiFLMCW67QKLdrot%2B0dkKRHO5Tkv9Fs4aA1h7bNwnEaVPSXb%2FDSpWG1r%2FKkoMcv4PS2Wxu80ZJyHWjBVy0aF3AVqubK%2B9fpw85htuSFw4NJGjZ0OrQPux45O0C5ZfOASkggjlxUUwPsBvDGZlGAdmN9l%2BE%2B7Nt4U0wc9Jxz2vdrPt7ysSWTqp6JxasIiVkwXkBy1zbHitJ4Bfw959j%2BqwQ7b0JrffCnsJTfu7d9bmAxtJssvWRxoEOf1LoAkvszHaJDT%2BZzpej%2BNzlJKwQq7Z3phr%2Bybf9fh2otK7Otj1EVvB591SA7cU%2F2lALoAA8k%2FTdNCRaZlXQIVUi5oTB7Bsv0T%2F3Wd%2BAcxsayIHHMDf%2F9SEg6sjBf%2Bthy4dtvauTWYxujRtG0Qo2Lek0wdqOlqZx4iZPfGOjdI8AHhaidRE9zNgPybGQt3yU1T8mMYERK6QEtMn%2FH3QgzvY60VNjqpX7quAEkXoNMrXmwDO5X7BLcS7IxmEFmL9FdhqD36rJFisLqWswAQjBDunqkXZ1QttRFwELXEhwExfBYMO9eOZvDswmnvRl7gZKk3xe12eBFZYVEfLyKikiMxSm91xjiYeSClf29jjcXU%2Bz2Ebqm0%2B7hRT8PdaXDV0c7TmTKPl8kU6%2FhuKxRw%2B2Oatt2TYPJptHd2o7ufRK3ga0LQomgrzi8tv%2BrfunruXi00QRX09xLE%2BaAZSQro10Rw2nXVS%2Br5TncrW9lyJe62TfQyvcmz61xKYRJWXgyvhds%2FHOSYDan2hCrVpjWQyGYGm7k3XlNUghl1xPoHwA53zeF%2Fwu966OYAwTUaTRwwgzNaSqWWb%2FPvfBAvoGU6GdYQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: application/javascript
Content-Length: 6404
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 14:01:16 GMT
Vary: Accept-Encoding
ETag: "6413212c-1904"
Accept-Ranges: bytes

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
d221961d0586b03814df0564f7fad0dd
00e3349c16733d6a848e7d594f398617cb4c1ed6
712f8f9545250e9a78b6910a326ab8ff2697461e52661f5edfaf5dc63660d9b1

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "77D3C7D6951952235D3EEFA3F8AF14DC1B3CCAF5"
Expires: Sat, 18 Mar 2023 08:00:00 GMT
Last-Modified: Fri, 17 Mar 2023 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1543
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a9856123d3efac0-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 21:30:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 21:30:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.hugshub.life/bundle/812/assets/images/d1.jpg

178.162.199.80

200 OK

78 kB

URL HTTP/1.1
www.hugshub.life/bundle/812/assets/images/d1.jpg
IP
178.162.199.80:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 99", progressive, precision 8, 1280x853, components 3\012- data
Size
78 kB (78369 bytes)
Hash
079aa3084946fc388a529f14d9034a5b
20c92b4329bdc75731f0093f3e6f92ba1944481c
d02f3f1209f253dd365c61eb3b721865b652eef237e8d9391bd93128f5381ef7

HTTP Headers

GET /bundle/812/assets/images/d1.jpg HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Cookie: s=tO2fOeF2Q%2FxIKzURiY2EVZUzj2deq%2FxWms0RWfPNjT7zjqaZR5QAnOrpD80sYKFhG0I5kz485nXPejhAR%2BerZyB%2BNvmRHptV%2BTS4d6yb1vNlKQkSJa%2BW8tahXjzp6oDYAPEy4l3jhI%2Bw0t%2FincrQnIj0lLQtDOlP0%2FgC0%2F1vPcAPYLKPNOCXm4kbt1CTkevysi4OCu%2FDArguwaDmrli6EEvXIh2UlThW328CdgDA%2FW1A88DXYlFRhS%2BX0Ty4wwglEYkeP3TtN65BQMJuPf1lffiKFv1Sd%2By422jmQd%2BtZ8Mm3aJ2UJImjn85MrREPd1oe44rgduFNLx5Qvn2KAvrIlB80umbaz%2BmGF74a%2FBum01NODzXqdowX%2FS1yW5RQ%2BPIPP9goumThzAV05O9xGStf1l0rqIYfNTaqp5ibuSALR99CiW8Rw6%2BKkbs2DIsuw923S%2B%2FF5M6jTLSpt1w4rVkRG02niJ%2B%2FBb6A94CnfoTAKYoF7wkFEnZ%2BTVe883T0mZWeir0w8AYswX38of12J14wJ5K69BS6%2BP4S1%2FgnevN95Nd%2B7yROAfxdEZEG1Bq1s3xYfKEJNbw0jiPikOnwoxsJPttzWzwhJblmCxgDq1cW778aWt7zuNk%2FOrvyXSdXk0qwVTAIDoSPRFjS9GupNRhuIlkCCjIGuzmYpnR9u1X%2B%2B9SGvYi7R9Zf0JRSQEe%2FbS9a5ZyODCTOW8m7X8uHlBsycEy8zbixtc1KLvmWeYJmG1Ge5jW7UsmpXYkjuRQ8kKSq3JQRuf0NR%2F%2BqV1W0nWshQyVBq8lowQpb%2FPypxWsOppfJlJnehh5FufqhfFBDdu6rujDnIDkbTxiFLMCW67QKLdrot%2B0dkKRHO5Tkv9Fs4aA1h7bNwnEaVPSXb%2FDSpWG1r%2FKkoMcv4PS2Wxu80ZJyHWjBVy0aF3AVqubK%2B9fpw85htuSFw4NJGjZ0OrQPux45O0C5ZfOASkggjlxUUwPsBvDGZlGAdmN9l%2BE%2B7Nt4U0wc9Jxz2vdrPt7ysSWTqp6JxasIiVkwXkBy1zbHitJ4Bfw959j%2BqwQ7b0JrffCnsJTfu7d9bmAxtJssvWRxoEOf1LoAkvszHaJDT%2BZzpej%2BNzlJKwQq7Z3phr%2Bybf9fh2otK7Otj1EVvB591SA7cU%2F2lALoAA8k%2FTdNCRaZlXQIVUi5oTB7Bsv0T%2F3Wd%2BAcxsayIHHMDf%2F9SEg6sjBf%2Bthy4dtvauTWYxujRtG0Qo2Lek0wdqOlqZx4iZPfGOjdI8AHhaidRE9zNgPybGQt3yU1T8mMYERK6QEtMn%2FH3QgzvY60VNjqpX7quAEkXoNMrXmwDO5X7BLcS7IxmEFmL9FdhqD36rJFisLqWswAQjBDunqkXZ1QttRFwELXEhwExfBYMO9eOZvDswmnvRl7gZKk3xe12eBFZYVEfLyKikiMxSm91xjiYeSClf29jjcXU%2Bz2Ebqm0%2B7hRT8PdaXDV0c7TmTKPl8kU6%2FhuKxRw%2B2Oatt2TYPJptHd2o7ufRK3ga0LQomgrzi8tv%2BrfunruXi00QRX09xLE%2BaAZSQro10Rw2nXVS%2Br5TncrW9lyJe62TfQyvcmz61xKYRJWXgyvhds%2FHOSYDan2hCrVpjWQyGYGm7k3XlNUghl1xPoHwA53zeF%2Fwu966OYAwTUaTRwwgzNaSqWWb%2FPvfBAvoGU6GdYQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: image/jpeg
Content-Length: 78369
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:45:29 GMT
ETag: "636fa379-13221"
Accept-Ranges: bytes

fonts.googleapis.com/css?family=Montserrat&subset=latin-ext

142.250.74.74

200 OK

971 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
971 B (971 bytes)
Hash
b3ef39ca45b30ceec5e418a356ad92aa
b0819941bd57d753e9ebec58de005b198d283ed3
f293f1db8bbd2b98abf8a381d32ee8ce61ddc010d3e50027fe247ac607acb071

HTTP Headers

GET /css?family=Montserrat&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 17 Mar 2023 21:30:17 GMT
date: Fri, 17 Mar 2023 21:30:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

216.58.207.227

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Size
13 kB (12708 bytes)
Hash
b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

HTTP Headers

GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hugshub.life
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Mar 2023 02:06:11 GMT
expires: Sat, 16 Mar 2024 02:06:11 GMT
cache-control: public, max-age=31536000
age: 69846
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7739
Expires: Fri, 17 Mar 2023 23:39:16 GMT
Date: Fri, 17 Mar 2023 21:30:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7739
Expires: Fri, 17 Mar 2023 23:39:16 GMT
Date: Fri, 17 Mar 2023 21:30:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7739
Expires: Fri, 17 Mar 2023 23:39:16 GMT
Date: Fri, 17 Mar 2023 21:30:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7739
Expires: Fri, 17 Mar 2023 23:39:16 GMT
Date: Fri, 17 Mar 2023 21:30:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7739
Expires: Fri, 17 Mar 2023 23:39:16 GMT
Date: Fri, 17 Mar 2023 21:30:17 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5828 bytes)
Hash
05b82ec8d7e99e9499e8b5a980008c60
280fe711e384d60749c6225ddcc7f57c48845719
305b82d6aa40f5af58100de5007ac484c73c0a49ab7c5715b8ab6e83e10270f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5828
x-amzn-requestid: 8361aeb7-1c8a-491d-b50d-59b3d6a061ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B5K4lGhXIAMFlFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64138b69-7b1d2aa5075294e04d976ad9;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 21:34:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: VYAI-v5_r6-RO5c5aTrA4JJnM1iRUtwDL349__B7TVNKYs_XqfiEhA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 22:06:15 GMT
age: 84242
etag: "280fe711e384d60749c6225ddcc7f57c48845719"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10338 bytes)
Hash
78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bka10YWXvoKBRkwgvJNMzm1SSv_J1USzdugO9lPduHxe2uYFYkXh4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 07:02:34 GMT
age: 52063
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdad4172a-505a-4014-9bcf-f13aa53b1686.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8758 bytes)
Hash
8154be92a2d44a0162f1cc673921529f
d56d45d301ddd803f7d9e69dee60694cb9cbc598
1ce79bc57af6f1b848992c86f300589070ed7343f8ac9cf1911e9f53f1278dcb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdad4172a-505a-4014-9bcf-f13aa53b1686.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8758
x-amzn-requestid: 7c07a43a-3a52-4bea-8ff0-f2e0247c680d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B14rgEQfIAMF2Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64123b16-5f46de1a5896bb08271f930d;Sampled=0
x-amzn-remapped-date: Wed, 15 Mar 2023 21:39:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 3zxt_zNW_W4xw7Fsqylm6dkjtVBFZDaI6FLSe5f541G1xgNcKrloaQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 21:51:45 GMT
age: 85112
etag: "d56d45d301ddd803f7d9e69dee60694cb9cbc598"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10addb30-9797-4bfb-ab40-27590dcd8a0c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6871 bytes)
Hash
8d0d0c23818e0992d7081d19d86d752a
5f96d26521f4db9c8858b72d5c60f5b06fd0bba1
092427d520bfea7cf5cac7f160624001496ad5f54e8c8554a1c8aea942a7db87

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10addb30-9797-4bfb-ab40-27590dcd8a0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: 56a9e84e-6436-4726-a8b3-efc08485eb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BmtHXG6IIAMFRTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640c2895-6dc08086321fb6c016eb88e9;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 07:07:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: SDQGfzJOO-MuuJXlOI2vqvE8pgmDt0NOGI6aDLPTvG78ZWaXxM-mGg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:22:57 GMT
age: 440
etag: "5f96d26521f4db9c8858b72d5c60f5b06fd0bba1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.hugshub.life/bundle/812/assets/images/favicon.png

178.162.199.80

200 OK

3.5 kB

URL HTTP/1.1
www.hugshub.life/bundle/812/assets/images/favicon.png
IP
178.162.199.80:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3481 bytes)
Hash
cc86e90f22b2a8c36fef53568d5fbee9
547fb463d586ef2781970233dc0fb72d57813927
21bd9a17dd1badae75cad5e54d11c40e085662b91e4f7486f35e54371dc40e12

HTTP Headers

GET /bundle/812/assets/images/favicon.png HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Cookie: s=tO2fOeF2Q%2FxIKzURiY2EVZUzj2deq%2FxWms0RWfPNjT7zjqaZR5QAnOrpD80sYKFhG0I5kz485nXPejhAR%2BerZyB%2BNvmRHptV%2BTS4d6yb1vNlKQkSJa%2BW8tahXjzp6oDYAPEy4l3jhI%2Bw0t%2FincrQnIj0lLQtDOlP0%2FgC0%2F1vPcAPYLKPNOCXm4kbt1CTkevysi4OCu%2FDArguwaDmrli6EEvXIh2UlThW328CdgDA%2FW1A88DXYlFRhS%2BX0Ty4wwglEYkeP3TtN65BQMJuPf1lffiKFv1Sd%2By422jmQd%2BtZ8Mm3aJ2UJImjn85MrREPd1oe44rgduFNLx5Qvn2KAvrIlB80umbaz%2BmGF74a%2FBum01NODzXqdowX%2FS1yW5RQ%2BPIPP9goumThzAV05O9xGStf1l0rqIYfNTaqp5ibuSALR99CiW8Rw6%2BKkbs2DIsuw923S%2B%2FF5M6jTLSpt1w4rVkRG02niJ%2B%2FBb6A94CnfoTAKYoF7wkFEnZ%2BTVe883T0mZWeir0w8AYswX38of12J14wJ5K69BS6%2BP4S1%2FgnevN95Nd%2B7yROAfxdEZEG1Bq1s3xYfKEJNbw0jiPikOnwoxsJPttzWzwhJblmCxgDq1cW778aWt7zuNk%2FOrvyXSdXk0qwVTAIDoSPRFjS9GupNRhuIlkCCjIGuzmYpnR9u1X%2B%2B9SGvYi7R9Zf0JRSQEe%2FbS9a5ZyODCTOW8m7X8uHlBsycEy8zbixtc1KLvmWeYJmG1Ge5jW7UsmpXYkjuRQ8kKSq3JQRuf0NR%2F%2BqV1W0nWshQyVBq8lowQpb%2FPypxWsOppfJlJnehh5FufqhfFBDdu6rujDnIDkbTxiFLMCW67QKLdrot%2B0dkKRHO5Tkv9Fs4aA1h7bNwnEaVPSXb%2FDSpWG1r%2FKkoMcv4PS2Wxu80ZJyHWjBVy0aF3AVqubK%2B9fpw85htuSFw4NJGjZ0OrQPux45O0C5ZfOASkggjlxUUwPsBvDGZlGAdmN9l%2BE%2B7Nt4U0wc9Jxz2vdrPt7ysSWTqp6JxasIiVkwXkBy1zbHitJ4Bfw959j%2BqwQ7b0JrffCnsJTfu7d9bmAxtJssvWRxoEOf1LoAkvszHaJDT%2BZzpej%2BNzlJKwQq7Z3phr%2Bybf9fh2otK7Otj1EVvB591SA7cU%2F2lALoAA8k%2FTdNCRaZlXQIVUi5oTB7Bsv0T%2F3Wd%2BAcxsayIHHMDf%2F9SEg6sjBf%2Bthy4dtvauTWYxujRtG0Qo2Lek0wdqOlqZx4iZPfGOjdI8AHhaidRE9zNgPybGQt3yU1T8mMYERK6QEtMn%2FH3QgzvY60VNjqpX7quAEkXoNMrXmwDO5X7BLcS7IxmEFmL9FdhqD36rJFisLqWswAQjBDunqkXZ1QttRFwELXEhwExfBYMO9eOZvDswmnvRl7gZKk3xe12eBFZYVEfLyKikiMxSm91xjiYeSClf29jjcXU%2Bz2Ebqm0%2B7hRT8PdaXDV0c7TmTKPl8kU6%2FhuKxRw%2B2Oatt2TYPJptHd2o7ufRK3ga0LQomgrzi8tv%2BrfunruXi00QRX09xLE%2BaAZSQro10Rw2nXVS%2Br5TncrW9lyJe62TfQyvcmz61xKYRJWXgyvhds%2FHOSYDan2hCrVpjWQyGYGm7k3XlNUghl1xPoHwA53zeF%2Fwu966OYAwTUaTRwwgzNaSqWWb%2FPvfBAvoGU6GdYQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: image/png
Content-Length: 3481
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:45:29 GMT
ETag: "636fa379-d99"
Accept-Ranges: bytes

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32661b66-c29d-4fb2-8a6d-e8d32af65c0c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6291 bytes)
Hash
b237b4b09287ed50ed4b41b5a4bfb339
5114fb56e5d9847562d2c493dbe684ee1057ffba
a78555499f140649e47a5c0a561f36a8002abbceb2ab13189e91faefa6dd298c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32661b66-c29d-4fb2-8a6d-e8d32af65c0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6291
x-amzn-requestid: 55afe02a-821a-48a1-ab71-77d42ae4adf8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B3lUdFqIoAMFQqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6412e8e9-7f5e230e44eac3b31e963b38;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 10:01:13 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 7OQVogzC2etvZVgTCnc4vf3SnOuKRE0ouTzDK-vWZlzExAraw_Bwhg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 12:12:07 GMT
age: 33490
etag: "5114fb56e5d9847562d2c493dbe684ee1057ffba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F283cce37-c692-4203-ad27-597093d4e1d7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5906 bytes)
Hash
ab1194f894e79ce8de9c4a02925415e8
b06c689355301378aedbe12d01782debc8e2559e
1113a17eb74f317f3879f781f7b2fcb86f7e7da9ff6e18b44288f379cd5a21c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F283cce37-c692-4203-ad27-597093d4e1d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5906
x-amzn-requestid: 81b47546-f999-40fc-887b-1f8e3d9e49b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bz5_JGH2oAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64117060-303925a47d9431f63bf5afaa;Sampled=0
x-amzn-remapped-date: Wed, 15 Mar 2023 07:14:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yhJQJKgvv9AxHjr1CFyDo6t5owgihxDs9W-HLMSV2bOb32s8KFFkAw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 01:19:03 GMT
age: 72674
etag: "b06c689355301378aedbe12d01782debc8e2559e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 21:30:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.hugshub.life/js/fp2.min.js

178.162.199.80

200 OK

31 kB

URL HTTP/1.1
www.hugshub.life/js/fp2.min.js
IP
178.162.199.80:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
ASCII text, with very long lines (30507)
Size
31 kB (30685 bytes)
Hash
e7d6b85edb141824af8951e19333337c
76600b2cb1978ca24d9fe39b1412f052da855ddb
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/fp2.min.js HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Cookie: s=tO2fOeF2Q%2FxIKzURiY2EVZUzj2deq%2FxWms0RWfPNjT7zjqaZR5QAnOrpD80sYKFhG0I5kz485nXPejhAR%2BerZyB%2BNvmRHptV%2BTS4d6yb1vNlKQkSJa%2BW8tahXjzp6oDYAPEy4l3jhI%2Bw0t%2FincrQnIj0lLQtDOlP0%2FgC0%2F1vPcAPYLKPNOCXm4kbt1CTkevysi4OCu%2FDArguwaDmrli6EEvXIh2UlThW328CdgDA%2FW1A88DXYlFRhS%2BX0Ty4wwglEYkeP3TtN65BQMJuPf1lffiKFv1Sd%2By422jmQd%2BtZ8Mm3aJ2UJImjn85MrREPd1oe44rgduFNLx5Qvn2KAvrIlB80umbaz%2BmGF74a%2FBum01NODzXqdowX%2FS1yW5RQ%2BPIPP9goumThzAV05O9xGStf1l0rqIYfNTaqp5ibuSALR99CiW8Rw6%2BKkbs2DIsuw923S%2B%2FF5M6jTLSpt1w4rVkRG02niJ%2B%2FBb6A94CnfoTAKYoF7wkFEnZ%2BTVe883T0mZWeir0w8AYswX38of12J14wJ5K69BS6%2BP4S1%2FgnevN95Nd%2B7yROAfxdEZEG1Bq1s3xYfKEJNbw0jiPikOnwoxsJPttzWzwhJblmCxgDq1cW778aWt7zuNk%2FOrvyXSdXk0qwVTAIDoSPRFjS9GupNRhuIlkCCjIGuzmYpnR9u1X%2B%2B9SGvYi7R9Zf0JRSQEe%2FbS9a5ZyODCTOW8m7X8uHlBsycEy8zbixtc1KLvmWeYJmG1Ge5jW7UsmpXYkjuRQ8kKSq3JQRuf0NR%2F%2BqV1W0nWshQyVBq8lowQpb%2FPypxWsOppfJlJnehh5FufqhfFBDdu6rujDnIDkbTxiFLMCW67QKLdrot%2B0dkKRHO5Tkv9Fs4aA1h7bNwnEaVPSXb%2FDSpWG1r%2FKkoMcv4PS2Wxu80ZJyHWjBVy0aF3AVqubK%2B9fpw85htuSFw4NJGjZ0OrQPux45O0C5ZfOASkggjlxUUwPsBvDGZlGAdmN9l%2BE%2B7Nt4U0wc9Jxz2vdrPt7ysSWTqp6JxasIiVkwXkBy1zbHitJ4Bfw959j%2BqwQ7b0JrffCnsJTfu7d9bmAxtJssvWRxoEOf1LoAkvszHaJDT%2BZzpej%2BNzlJKwQq7Z3phr%2Bybf9fh2otK7Otj1EVvB591SA7cU%2F2lALoAA8k%2FTdNCRaZlXQIVUi5oTB7Bsv0T%2F3Wd%2BAcxsayIHHMDf%2F9SEg6sjBf%2Bthy4dtvauTWYxujRtG0Qo2Lek0wdqOlqZx4iZPfGOjdI8AHhaidRE9zNgPybGQt3yU1T8mMYERK6QEtMn%2FH3QgzvY60VNjqpX7quAEkXoNMrXmwDO5X7BLcS7IxmEFmL9FdhqD36rJFisLqWswAQjBDunqkXZ1QttRFwELXEhwExfBYMO9eOZvDswmnvRl7gZKk3xe12eBFZYVEfLyKikiMxSm91xjiYeSClf29jjcXU%2Bz2Ebqm0%2B7hRT8PdaXDV0c7TmTKPl8kU6%2FhuKxRw%2B2Oatt2TYPJptHd2o7ufRK3ga0LQomgrzi8tv%2BrfunruXi00QRX09xLE%2BaAZSQro10Rw2nXVS%2Br5TncrW9lyJe62TfQyvcmz61xKYRJWXgyvhds%2FHOSYDan2hCrVpjWQyGYGm7k3XlNUghl1xPoHwA53zeF%2Fwu966OYAwTUaTRwwgzNaSqWWb%2FPvfBAvoGU6GdYQ%3D%3D; CF=yDX8d0vGmzzUNX7T9M1Lkw__
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: application/javascript
Content-Length: 30685
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 14:01:16 GMT
Vary: Accept-Encoding
ETag: "6413212c-77dd"
Accept-Ranges: bytes

www.hugshub.life/bundle/812/assets/images/v1.mp4

178.162.199.80

206 Partial Content

0 B

URL HTTP/1.1
www.hugshub.life/bundle/812/assets/images/v1.mp4
IP
178.162.199.80:0
ASN
#28753 Leaseweb Deutschland GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bundle/812/assets/images/v1.mp4 HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Cookie: s=tO2fOeF2Q%2FxIKzURiY2EVZUzj2deq%2FxWms0RWfPNjT7zjqaZR5QAnOrpD80sYKFhG0I5kz485nXPejhAR%2BerZyB%2BNvmRHptV%2BTS4d6yb1vNlKQkSJa%2BW8tahXjzp6oDYAPEy4l3jhI%2Bw0t%2FincrQnIj0lLQtDOlP0%2FgC0%2F1vPcAPYLKPNOCXm4kbt1CTkevysi4OCu%2FDArguwaDmrli6EEvXIh2UlThW328CdgDA%2FW1A88DXYlFRhS%2BX0Ty4wwglEYkeP3TtN65BQMJuPf1lffiKFv1Sd%2By422jmQd%2BtZ8Mm3aJ2UJImjn85MrREPd1oe44rgduFNLx5Qvn2KAvrIlB80umbaz%2BmGF74a%2FBum01NODzXqdowX%2FS1yW5RQ%2BPIPP9goumThzAV05O9xGStf1l0rqIYfNTaqp5ibuSALR99CiW8Rw6%2BKkbs2DIsuw923S%2B%2FF5M6jTLSpt1w4rVkRG02niJ%2B%2FBb6A94CnfoTAKYoF7wkFEnZ%2BTVe883T0mZWeir0w8AYswX38of12J14wJ5K69BS6%2BP4S1%2FgnevN95Nd%2B7yROAfxdEZEG1Bq1s3xYfKEJNbw0jiPikOnwoxsJPttzWzwhJblmCxgDq1cW778aWt7zuNk%2FOrvyXSdXk0qwVTAIDoSPRFjS9GupNRhuIlkCCjIGuzmYpnR9u1X%2B%2B9SGvYi7R9Zf0JRSQEe%2FbS9a5ZyODCTOW8m7X8uHlBsycEy8zbixtc1KLvmWeYJmG1Ge5jW7UsmpXYkjuRQ8kKSq3JQRuf0NR%2F%2BqV1W0nWshQyVBq8lowQpb%2FPypxWsOppfJlJnehh5FufqhfFBDdu6rujDnIDkbTxiFLMCW67QKLdrot%2B0dkKRHO5Tkv9Fs4aA1h7bNwnEaVPSXb%2FDSpWG1r%2FKkoMcv4PS2Wxu80ZJyHWjBVy0aF3AVqubK%2B9fpw85htuSFw4NJGjZ0OrQPux45O0C5ZfOASkggjlxUUwPsBvDGZlGAdmN9l%2BE%2B7Nt4U0wc9Jxz2vdrPt7ysSWTqp6JxasIiVkwXkBy1zbHitJ4Bfw959j%2BqwQ7b0JrffCnsJTfu7d9bmAxtJssvWRxoEOf1LoAkvszHaJDT%2BZzpej%2BNzlJKwQq7Z3phr%2Bybf9fh2otK7Otj1EVvB591SA7cU%2F2lALoAA8k%2FTdNCRaZlXQIVUi5oTB7Bsv0T%2F3Wd%2BAcxsayIHHMDf%2F9SEg6sjBf%2Bthy4dtvauTWYxujRtG0Qo2Lek0wdqOlqZx4iZPfGOjdI8AHhaidRE9zNgPybGQt3yU1T8mMYERK6QEtMn%2FH3QgzvY60VNjqpX7quAEkXoNMrXmwDO5X7BLcS7IxmEFmL9FdhqD36rJFisLqWswAQjBDunqkXZ1QttRFwELXEhwExfBYMO9eOZvDswmnvRl7gZKk3xe12eBFZYVEfLyKikiMxSm91xjiYeSClf29jjcXU%2Bz2Ebqm0%2B7hRT8PdaXDV0c7TmTKPl8kU6%2FhuKxRw%2B2Oatt2TYPJptHd2o7ufRK3ga0LQomgrzi8tv%2BrfunruXi00QRX09xLE%2BaAZSQro10Rw2nXVS%2Br5TncrW9lyJe62TfQyvcmz61xKYRJWXgyvhds%2FHOSYDan2hCrVpjWQyGYGm7k3XlNUghl1xPoHwA53zeF%2Fwu966OYAwTUaTRwwgzNaSqWWb%2FPvfBAvoGU6GdYQ%3D%3D
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: video/mp4
Content-Length: 964329
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:45:30 GMT
ETag: "636fa37a-eb6e9"
Content-Range: bytes 0-964328/964329

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML