Report - s3.afflist.net/click?pid=68&offer

Report Overview

Submitted URL
s3.afflist.net/click?pid=68&offer_id=1187&l=1650370093
IP
35.204.226.246
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2022-09-24 08:36:18
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Generic / Unknown

Detections

urlquery
1
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	38 kB	18.164.68.6
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.89.136.7
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
1push.live	520396	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.6 kB	172.67.213.119
api.1push.live	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	842 B	878 B	104.21.37.213
s3.afflist.net	74266	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	509 B	34.147.12.223
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	108.156.28.102
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
justdating.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	456 B	689 B	104.21.55.87

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	justdating.net/static/js/pandoraWeb.0.1.js	13 kB	2023-03-08	2023-03-08
Pretty URL justdating.net/static/js/pandoraWeb.0.1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:20:50 Last Seen2023-03-08 00:20:50 Times Seen1 Hash cbe285756873699eb375caeba3aed187 0a2f0626942e2f2be9dd61a13b8d9b0f6b00e581 26b38c691a491f9e8cc3567b4469a35b913df856b67ba3f4d665af9c5cb9e8ad Loading...

	justdating.net/static/js/jquery-1.12.1.min.js	97 kB	2023-03-08	2023-12-19
Pretty URL justdating.net/static/js/jquery-1.12.1.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:20:50 Last Seen2023-12-19 15:18:46 Times Seen33 Hash f2fc08abc16fdb60302cc3c3dcb41836 ce24e11c6a248a9bbcc885cd6814fa8f6277b3e2 ed95f702685545e4a5ec11684bab1be8040dd33959493c28ce110e47d188ad46 Loading...

	1push.live/app-fama.js?5546695	66 kB	2023-03-08	2023-03-13
Pretty URL 1push.live/app-fama.js?5546695 IP 172.67.213.119 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:20:50 Last Seen2023-03-13 17:51:25 Times Seen1 Hash 0be2869391fcb1a659d5e3dd1daffc27 2b7e417c3bfab924a30db4ad3b91e6219a62c372 ae1a608d25df8d1026d18b7e70d23e909299819d3ba6b2a4d53c5fb7ff9a567a Loading...

	1push.live/iframe-fama.html	340 B	2023-03-08	2023-03-13
Pretty URL 1push.live/iframe-fama.html IP 172.67.213.119 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:20:50 Last Seen2023-03-13 17:51:25 Times Seen1 Hash 2d4b3afd66d73a8a027ea96ef86616c4 8720d03cfc78d425a0d5e70cf931cf7376fa2236 df7694e819e007ca89a51ad90c8f6ca41e9a2a23369fa21ff7b1c9bfee907528 Loading...

HTTP Transactions (24)

	URL	IP	Response	Size
	firefox.settings.services.mozilla.com/v1/	18.164.68.6	200 OK	939 B
URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/ IP 18.164.68.6:0 ASN #0 File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sat, 24 Sep 2022 08:05:36 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 86897b9f074001e33ff5cbec58c4bc02.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LHR50-P4 X-Amz-Cf-Id: axsjm9aykBkZ_enb9fXCxCR8OwgZT-OXKWUuGvajePWNpV_exaF_9g== Age: 1831

	s3.afflist.net/click?pid=68&offer_id=1187&l=1650370093	34.147.12.223	302 Found	0 B
URL HTTP/1.1 s3.afflist.net/click?pid=68&offer_id=1187&l=1650370093 IP 34.147.12.223:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /click?pid=68&offer_id=1187&l=1650370093 HTTP/1.1 Host: s3.afflist.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 302 Found Server: nginx Date: Sat, 24 Sep 2022 08:36:07 GMT Content-Length: 0 Connection: keep-alive Location: https://justdating.net/geo/spring/adult-africa/#b=1187&v=632ec177a446e80001fcdd73&a=68&sub1=&sub2=&platform=affise&affcountry=NO&push=true&noRedir=true Set-Cookie: afclick=632ec177a446e80001fcdd73; expires=Sun, 24 Sep 2023 08:36:07 GMT; secure; SameSite=None afoffers={"1187":1664008567}; expires=Sun, 24 Sep 2023 08:36:07 GMT; secure; SameSite=None Access-Control-Allow-Origin: *`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 09a973de929ab7452edc342c780d3668 3f14f6e0a36f76863c0aea6fb561c266404a7ea3 e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80" Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9329 Expires: Sat, 24 Sep 2022 11:11:36 GMT Date: Sat, 24 Sep 2022 08:36:07 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain	108.156.28.102	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP 108.156.28.102:0 ASN #16509 AMAZON-02 File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 10 Sep 2022 18:47:45 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sat, 24 Sep 2022 04:13:03 GMT etag: "6113f8408c59aebe188d6af273b90743" x-cache: Hit from cloudfront via: 1.1 17a77a72dc1e9981253a822e540e37c2.cloudfront.net (CloudFront) x-amz-cf-pop: LHR50-P1 x-amz-cf-id: 5Lh9luBxj8L9EBecFK_TxulQ5AcVFgjiy9A2HDxuvRtePUREm5skyg== age: 15784 X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sat, 24 Sep 2022 08:36:07 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	18.164.68.6	200 OK	35 kB
URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 18.164.68.6:0 ASN #0 File type data Size 35 kB (35290 bytes) Hash 0e89e1c7d48a210d72c75178155393d1 88fd03b60b754634bd92dd69ae84d2f6ed31f05e 2d320d0a33589155e1fefa9354064c0b12e97ba9d885bbcfd9d5698cffa7ec0b HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT X-Content-Type-Options: nosniff Date: Sat, 24 Sep 2022 08:21:03 GMT Cache-Control: max-age=3600, max-age=3600 Expires: Sat, 24 Sep 2022 08:49:06 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 c3ac810888cb46ee4166354c2171bcde.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LHR50-P4 X-Amz-Cf-Id: OyDrcSTGx1lL4htK28jGpL7IvpzWdd_LMgARUrDYEUTtEMhNimyXNA== Age: 922

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash f714931cf870bfa33815fd259b7246fd 38e411ef8ca1b31ead8415ee5f21d98bd9653a86 897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1742 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sat, 24 Sep 2022 08:36:08 GMT Last-Modified: Sat, 24 Sep 2022 08:07:06 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471`

	push.services.mozilla.com/	52.89.136.7	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.89.136.7:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: pnV7sfakj+2K5cgn1CCnMg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 85zXV0z6ozybTjueJicZpiNZcFc=`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12355 Expires: Sat, 24 Sep 2022 12:02:04 GMT Date: Sat, 24 Sep 2022 08:36:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12355 Expires: Sat, 24 Sep 2022 12:02:04 GMT Date: Sat, 24 Sep 2022 08:36:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12355 Expires: Sat, 24 Sep 2022 12:02:04 GMT Date: Sat, 24 Sep 2022 08:36:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12355 Expires: Sat, 24 Sep 2022 12:02:04 GMT Date: Sat, 24 Sep 2022 08:36:09 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10279 bytes) Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4 60a83a1618ffae06e49ca3002bac1db9980dcfe8 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10279 x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y4V65GTXIAMF9-Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0 x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Sat, 24 Sep 2022 04:12:38 GMT age: 15811 etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg	34.120.237.76	200 OK	8.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.9 kB (8907 bytes) Hash f727cc665bfa383779422949037a83a7 24d4dcad1590e79e89a1ffe343bd7fe616528c5a 72dc66286d9ea7b71b6c9a116ff69380a97253c73f1ba2a5b3da34790e321e05 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8907 x-amzn-requestid: 974b20af-4775-45bd-9e3f-55e5aa363c2d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y7sQRGPtIAMFZCw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632e2734-18aebf577efb8aaa0182aeed;Sampled=0 x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:56 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: ANAYROIRBWe_Y5TxqYp9IDnqnuOHQGjvyj1K8Z85m7C9DGCXXuQ-Cw== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google date: Fri, 23 Sep 2022 21:47:49 GMT age: 38900 etag: "24d4dcad1590e79e89a1ffe343bd7fe616528c5a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10032 bytes) Hash aa150280eb113504d61a25935c0f0127 ed04f74fbb4c77b21e2babc51a82857f5e23d169 07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10032 x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y7sPBHGYoAMFh-Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0 x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google date: Fri, 23 Sep 2022 21:56:56 GMT age: 38353 etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg	34.120.237.76	200 OK	8.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.0 kB (8029 bytes) Hash 02a682b4703bb9d6381c762726c05531 1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54 fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8029 x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y4Y0tHjGoAMFcFw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0 x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Fri, 23 Sep 2022 21:59:08 GMT age: 38221 etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6ca22e-ec7b-41a4-aef7-7cf4a871bbdb.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6ca22e-ec7b-41a4-aef7-7cf4a871bbdb.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (12087 bytes) Hash 0b722574c0e6f63a78a19eff0f100ae4 96185aa90e560a4bd9462cef2e280561ee557413 c5b1012f1fca39d949f4b70e69b94bc6e03521d93ab8c38bb30d2c9c43bac633 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6ca22e-ec7b-41a4-aef7-7cf4a871bbdb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12087 x-amzn-requestid: bf12c6c6-f19a-4b64-8c40-1df852974bf0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YvRCsFT-oAMFjpQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63292edd-20450d0447040267001aec49;Sampled=0 x-amzn-remapped-date: Tue, 20 Sep 2022 03:09:17 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 64XcK2L9WKWLw3GLQ0sCB3rUl_JbmkBBwbjY8QdCYDJa5Mb8uHUiLg== via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Sat, 24 Sep 2022 05:53:03 GMT age: 9786 etag: "96185aa90e560a4bd9462cef2e280561ee557413" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg	34.120.237.76	200 OK	6.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.4 kB (6386 bytes) Hash d8d9af95acfc8b9b431eb1e020157f6d f6f926be6e265a597aaede424f05fcd7c76fcc20 0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6386 x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y7shGHryIAMF6zg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0 x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google date: Fri, 23 Sep 2022 21:52:36 GMT age: 38613 etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	1push.live/app-fama.js?231112	172.67.213.119	200 OK	0 B
URL HTTP/2 1push.live/app-fama.js?231112 IP 172.67.213.119:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /app-fama.js?231112 HTTP/1.1 Host: 1push.live User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://1push.live/iframe-fama.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sat, 24 Sep 2022 08:36:15 GMT content-type: application/javascript last-modified: Tue, 08 Jun 2021 10:51:07 GMT etag: W/"0be2869391fcb1a659d5e3dd1daffc27" x-cache: Hit from cloudfront via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront) x-amz-cf-pop: FRA53-C1 x-amz-cf-id: SQDpfRBbjgMN-rsxrqzlogWnMQjxA5EJLm7dAmaU7fkejRc8JfzRiA== report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umml%2Fv4G9s5BSELGzEx3j%2BeWrqTk4MUDmpewGL2mzG73WYviXaebg%2FLeussUch59LAwV%2FDBcvwDtwMZAy4xmtEMsy%2B3A%2FBllWKrgkA03AOBfFr0nlE%2FntWC2%2BrPS7Phc4HXbBA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: MISS server: cloudflare cf-ray: 74fa30fc1aa8b4fa-OSL content-encoding: br X-Firefox-Spdy: h2

	api.1push.live/webpush/i4r1dac2nunz1z1z/hostInfo/justdating.net/	104.21.37.213	502 Bad Gateway	0 B
URL HTTP/2 api.1push.live/webpush/i4r1dac2nunz1z1z/hostInfo/justdating.net/ IP 104.21.37.213:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /webpush/i4r1dac2nunz1z1z/hostInfo/justdating.net/ HTTP/1.1 Host: api.1push.live User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://justdating.net Connection: keep-alive Referer: https://justdating.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 502 Bad Gateway date: Sat, 24 Sep 2022 08:36:15 GMT content-type: text/html; charset=UTF-8 set-cookie: cf_use_ob=0; path=/; expires=Sat, 24-Sep-22 08:36:45 GMT x-frame-options: SAMEORIGIN referrer-policy: same-origin cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT cf-ray: 74fa30fd2ce71c0e-OSL server: cloudflare X-Firefox-Spdy: h2`

	api.1push.live/webpush/i4r1dac2nunz1z1z/hostInfo/justdating.net/	104.21.37.213	502 Bad Gateway	0 B
URL HTTP/2 api.1push.live/webpush/i4r1dac2nunz1z1z/hostInfo/justdating.net/ IP 104.21.37.213:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /webpush/i4r1dac2nunz1z1z/hostInfo/justdating.net/ HTTP/1.1 Host: api.1push.live User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://justdating.net Connection: keep-alive Referer: https://justdating.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 502 Bad Gateway date: Sat, 24 Sep 2022 08:36:15 GMT content-type: text/html; charset=UTF-8 set-cookie: cf_use_ob=0; path=/; expires=Sat, 24-Sep-22 08:36:45 GMT x-frame-options: SAMEORIGIN referrer-policy: same-origin cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT cf-ray: 74fa30ff8ee51c0e-OSL server: cloudflare X-Firefox-Spdy: h2`

	justdating.net/geo/spring/adult-africa/	104.21.55.87	200 OK	0 B
URL HTTP/2 justdating.net/geo/spring/adult-africa/ IP 104.21.55.87:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /geo/spring/adult-africa/ HTTP/1.1 Host: justdating.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK date: Sat, 24 Sep 2022 08:36:07 GMT content-type: text/html; charset=utf-8 cache-control: max-age=14400 cf-cache-status: MISS last-modified: Sat, 24 Sep 2022 08:36:07 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FBZEI%2FQTF%2FngT8qec5Ok3apZ%2BpEjfrIuWRTt2Iz7knG565ti61Wj5TdTS6j8NRo0rDAf5E2OslonSizf1CxCQLHRx6XtMMz58R7vWjsUxSDfmzVgla4zRnmmEvmdKRE2w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 74fa30cb39a2b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	1push.live/app-fama.js?5546695	172.67.213.119	200 OK	0 B
URL HTTP/2 1push.live/app-fama.js?5546695 IP 172.67.213.119:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /app-fama.js?5546695 HTTP/1.1 Host: 1push.live User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justdating.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 24 Sep 2022 08:36:15 GMT content-type: application/javascript last-modified: Tue, 08 Jun 2021 10:51:07 GMT etag: W/"0be2869391fcb1a659d5e3dd1daffc27" x-cache: Hit from cloudfront via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront) x-amz-cf-pop: FRA60-P3 x-amz-cf-id: 0lsgPKYYepzu53do7R7Ltzo4QvFqWPlZucAuqmQqAipmTM4l6rIOSw== report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxxUwOnr3ylMNXl3kwBb%2BK7IiKvBn9t4LV6B6tJSiw3JFAOVALQxH4eiYexqSb3yqOa9RSqI2pJYfYEPKq7vhhwyTwjXvo7idMz9%2FzDh6cWoN0oGH3%2BKAPBsJ5jsEZ%2B76uOOPg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: MISS server: cloudflare cf-ray: 74fa30f8ceb6b4fa-OSL content-encoding: br X-Firefox-Spdy: h2

	1push.live/iframe-fama.html	172.67.213.119	200 OK	0 B
URL HTTP/2 1push.live/iframe-fama.html IP 172.67.213.119:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /iframe-fama.html HTTP/1.1 Host: 1push.live User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justdating.net/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sat, 24 Sep 2022 08:36:15 GMT content-type: text/html last-modified: Tue, 08 Jun 2021 10:51:08 GMT x-cache: Hit from cloudfront via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront) x-amz-cf-pop: FRA53-C1 x-amz-cf-id: 89vlJNgZJF-vNEhVTFOy7p6wH0tjxcuIH8eG1i4umRCA2C9wq773-w== age: 35695 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnFsCokWgWfHeQ%2BXVA11z415oKPCjQQWXLzcbfrxOeK7cph%2FD%2F5JBeVo4y2BfO3XdEdzR0dtUSh94Cpw4HUknj1BOhQzKK%2FulGwc3i9XF46QZvsoMMNGeSjGc3iFK41vg6MceQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 server: cloudflare cf-ray: 74fa30fb49b5b4fa-OSL content-encoding: br X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (24)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size