www.dql2clk.com/6FJ6LF/75M26WG
34.117.199.78 302 Found 248 B URL HTTP/1.1 www.dql2clk.com/6FJ6LF/75M26WG
IP 34.117.199.78:0
File type HTML document, ASCII text
Hash 529549d6c0ac0c2ca63521f0a136fff0
beccafcb8479dffdfb5a11a55e698e3124806896
7441b37b063df513acc31b5f2be599f036554b008fb100cd7b47c8168bbe4ddd
Analyzer Verdict Alert fortinet Phishing
GET /6FJ6LF/75M26WG HTTP/1.1
Host: www.dql2clk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
server: nginx
date: Tue, 13 Dec 2022 22:28:25 GMT
content-type: text/html; charset=utf-8
content-length: 248
location: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
set-cookie: uniqueClick_75M26WG=2683ce0a-373d-49b1-b536-3f5430aa1242:1670970505; Path=/; Expires=Wed, 14 Dec 2022 22:28:25 GMT; SameSite=None
transaction_id=8cc322e363ad489c9125b8cd95da634d; Path=/; Expires=Mon, 13 Mar 2023 22:28:25 GMT; SameSite=None
vary: Origin
x-eflow-request-id: 56be73a8-4e41-4dd4-b579-d503a132660e
Via: 1.1 google
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8866
Expires: Wed, 14 Dec 2022 00:56:11 GMT
Date: Tue, 13 Dec 2022 22:28:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4809
Expires: Tue, 13 Dec 2022 23:48:34 GMT
Date: Tue, 13 Dec 2022 22:28:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3995
Expires: Tue, 13 Dec 2022 23:35:00 GMT
Date: Tue, 13 Dec 2022 22:28:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HUlsFaaSjnHpd0II6LlfCT+ATdliSE2lgk6aL2U8YgW/7KgbDBNldpiIosSpHMNmN+e+EK4SOj5iN7XEQfYxBQ==
x-amz-request-id: EJ2JBBFT6WBVAHK9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 13 Dec 2022 21:52:05 GMT
age: 2180
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 13 Dec 2022 22:08:48 GMT
content-type: application/json
age: 1177
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 22:28:25 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 13 Dec 2022 22:07:57 GMT
age: 1228
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash c46c7390aedd3c5fdf0358a05822dda9
23b832d5ec920f4bd06e1b7fa849dd1691cb9e7e
1b46eec848f0cf51f86946c392288b03219de19a31b891fc4d0b9b6194e5fc1b
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155313
Date: Tue, 13 Dec 2022 22:28:25 GMT
Etag: "6398a31f-1d7"
Expires: Thu, 15 Dec 2022 17:36:58 GMT
Last-Modified: Tue, 13 Dec 2022 16:06:55 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xmazY8YqWn8fIRVhFRPJWPl-lTVq2A8I3HL2xSpT_w18Ozd63DwWTg==
Age: 5403
www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
52.58.208.158 200 OK 8.0 kB URL HTTP/2 www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
IP 52.58.208.158:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1438)
Hash 883b2547c175bdbd972b22f8d9f7eaf7
c08cd0e28dc297974fd4d96d47235fc53a16a94d
34c0d58c2306aae5561ae5b3ffae9165d13ebd1fb9bed01270fecdb63968acc8
GET /8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:25 GMT
content-type: text/html; charset=UTF-8
content-length: 8047
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.1.33
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash de9e80c3bbe25e8623562110be8b8c9c
013f87db47c4ce3daf3380bc5e0ac3b1b496fe6f
792d587777c03d661a39a0593b71b3ec7611cb6e9d7a834bc79f28e6ace19692
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 349
Cache-Control: max-age=125056
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 22:28:25 GMT
Etag: "639840ac-1d7"
Expires: Thu, 15 Dec 2022 09:12:41 GMT
Last-Modified: Tue, 13 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.99hookups.com/8365/css/jquery-ui.css
52.58.208.158 200 OK 8.4 kB URL HTTP/2 www.99hookups.com/8365/css/jquery-ui.css
IP 52.58.208.158:0
File type ASCII text, with very long lines (2363)
Hash eb890942f434115913de08899ef174a4
84518af33d2157bf638eecd96ec00eeb378f547d
65c520e543b735967301de8a17d88ebfe96f9969d596fe477ebe4850f99f5d32
GET /8365/css/jquery-ui.css HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 8405
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "8d02-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/magnific-popup7a19.css?1552897983
52.58.208.158 200 OK 2.8 kB URL HTTP/2 www.99hookups.com/8365/css/magnific-popup7a19.css?1552897983
IP 52.58.208.158:0
Hash 428b1ed02fbe4fec6ad424877bb5e008
535e0b27a42fbb4023673b4ac992ab238cf64676
ae290d16bfe3943a7eb5ccdb590f4a792eaf3accf94fb1fc083f4804211ced6d
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/magnific-popup7a19.css?1552897983 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 2824
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "2b38-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/cssd4a6.css?family=Raleway:300,400,500,600,700,800
52.58.208.158 200 OK 226 B URL HTTP/2 www.99hookups.com/8365/css/cssd4a6.css?family=Raleway:300,400,500,600,700,800
IP 52.58.208.158:0
Hash bfcfa21350d158280f771d5b3f0c981e
7e8a162a764e6721ef25302f21db8f6a3b64c804
e8ad9cd38afcd2da6765cb7e2c2c0e6c5523dc6bdc62eefe2d24cc6d7768d217
GET /8365/css/cssd4a6.css?family=Raleway:300,400,500,600,700,800 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 226
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "4a4-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/all.css
52.58.208.158 200 OK 9.0 kB URL HTTP/2 www.99hookups.com/8365/css/all.css
IP 52.58.208.158:0
File type ASCII text, with very long lines (41352)
Hash 3e803635b0b559c291e5393f9b5a21c2
f2fc7fa483de814eca551f3574d67a8b6b94715c
8ad49d7db43a2ef26a506d5a668d0b29b30876c6bf94c96e353f2e00b58dbab5
GET /8365/css/all.css HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 9047
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "a23d-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/bootstrap.min5146.css?1552897995
52.58.208.158 200 OK 21 kB URL HTTP/2 www.99hookups.com/8365/css/bootstrap.min5146.css?1552897995
IP 52.58.208.158:0
File type ASCII text, with very long lines (65324)
Hash 4e2c02211d789bbe7250420d16cef501
a8c6cb2336ce2313a99d934e8f77345b3f946137
a825f26affa88c3d5651c464aa7e866df1c3980051bc0620c546aa728eb713a8
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/bootstrap.min5146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 21047
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "22688-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/css4d29.css?family=Bevan
52.58.208.158 200 OK 186 B URL HTTP/2 www.99hookups.com/8365/css/css4d29.css?family=Bevan
IP 52.58.208.158:0
Hash bb44b0412c2360c659712bd23873fbea
c80b1cb5b1d1279ec28f3b4ceb6bc45503fc223f
b3dea3e23e19bd0829b19d60658d65013c061ae4287e42425482472fe43ba0b8
GET /8365/css/css4d29.css?family=Bevan HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 186
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "de-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/carousel-type015146.css?1552897995
52.58.208.158 200 OK 140 B URL HTTP/2 www.99hookups.com/8365/css/carousel-type015146.css?1552897995
IP 52.58.208.158:0
Hash 9e44aa06256b0151e604971c2add024d
b9352d226598aa1ec456ee0866e8cc78bb3fe73f
e84a5f0f0b8b1b37be6a5732d61b7ed0bc9b0b580b8b281cd98e5585a16778b1
GET /8365/css/carousel-type015146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 140
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "d7-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/css29bd.css?family=Oleo+Script:400,700
52.58.208.158 200 OK 232 B URL HTTP/2 www.99hookups.com/8365/css/css29bd.css?family=Oleo+Script:400,700
IP 52.58.208.158:0
Hash f59aaa1652a17f4a2a9cbfb893f74a34
ac2035c743ade270b6894181692b3494ede35bbd
20b78a5fa4da2252324b9cee7fc7aff8bf886062fb3c071a8f0dbcca1b7a6e3f
GET /8365/css/css29bd.css?family=Oleo+Script:400,700 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 232
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "1ec-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/bg-overlay-type025146.css?1552897995
52.58.208.158 200 OK 227 B URL HTTP/2 www.99hookups.com/8365/css/bg-overlay-type025146.css?1552897995
IP 52.58.208.158:0
Hash 773d7a60a3ea8b8fb44783c224dd0819
2108720dd00e416238d5c942412d1a1b24c17dc5
4af747abecd428780989d63ebe95a248bcb3660fce29d84498d260036a030e8a
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/bg-overlay-type025146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 227
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "1de-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash a8bfe6a241759954061bc4408e9139ea
85c26e137b8b2089cbe5caf61b13ad2578d0c60f
4df62f609630f61c24553362d5ff9d1a68d7633ce02e184f19431ca82e15498f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4082
Cache-Control: max-age=124495
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 22:28:26 GMT
Etag: "63982fe7-117"
Expires: Thu, 15 Dec 2022 09:03:21 GMT
Last-Modified: Tue, 13 Dec 2022 07:55:19 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
www.99hookups.com/8365/css/intro-type035146.css?1552897995
52.58.208.158 200 OK 335 B URL HTTP/2 www.99hookups.com/8365/css/intro-type035146.css?1552897995
IP 52.58.208.158:0
Hash 1e4cb7ea92df4f2430ba2baad33a4a5b
7a81b87d2d715e9d23e12bfdeaaa1b8905ac9091
840cebcef01ff7963aff07d07ebbe8d406413a67371b57825bee3f399508113f
GET /8365/css/intro-type035146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 335
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "37c-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/form-elements-type01b2b7.css?1568802110
52.58.208.158 200 OK 1.3 kB URL HTTP/2 www.99hookups.com/8365/css/form-elements-type01b2b7.css?1568802110
IP 52.58.208.158:0
Hash 6de57be4de345de0ef397faf2b83c3ca
414ae309fd43e65aa999c352c21ae4b0b2f3c3ab
d9452f514be5bfae1979220749ea586810e9b64b8cbbcdb36bb818211469ac9e
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/form-elements-type01b2b7.css?1568802110 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 1278
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "111d-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/stepper-type035146.css?1552897995
52.58.208.158 200 OK 327 B URL HTTP/2 www.99hookups.com/8365/css/stepper-type035146.css?1552897995
IP 52.58.208.158:0
Hash 3cba407c50f9cb555518820fb259be11
eeb11795fece07f228595ebee195a0c940d0118d
5e622ed27ac60452dbd5cba0209369e79cab7b00024a94c040163fb435d0f771
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/stepper-type035146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 327
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "262-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/multistep-type074a33.css?1575984656
52.58.208.158 200 OK 1.2 kB URL HTTP/2 www.99hookups.com/8365/css/multistep-type074a33.css?1575984656
IP 52.58.208.158:0
File type ASCII text, with very long lines (673)
Hash c48ba9926fabbb458b4c262ef52c7b46
0d05157cc3eba2c45e19c33c7f126105d0ad0e7b
0974a71786a8842526d78aec65fb18bb0a9676542c4a766ce6c7fd20e8e603bd
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/multistep-type074a33.css?1575984656 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 1202
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "d53-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/validationmodal-type015146.css?1552897995
52.58.208.158 200 OK 270 B URL HTTP/2 www.99hookups.com/8365/css/validationmodal-type015146.css?1552897995
IP 52.58.208.158:0
Hash a93577fcc74ee7a34129fed04ee395d1
18c1576f2a12f07b7c68666218d35b7c623e145c
2fedeb15f6899d6aa7a94ea1e286047e1c9a223df2c4d15425a3e3ee10772822
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/validationmodal-type015146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 270
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "27e-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/stylec11e.css?1552897996
52.58.208.158 200 OK 249 B URL HTTP/2 www.99hookups.com/8365/css/stylec11e.css?1552897996
IP 52.58.208.158:0
Hash 0429f6bbb648eb8dce5d0787f69bafcf
1622c57197d4610a04cff39872f38074455819b8
8a48c217eab0fb3908fed484559ff31aea6658bb4200a61dfeee07a9de38f368
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/stylec11e.css?1552897996 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 249
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "1e7-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/styling92b1.css?1579682355
52.58.208.158 200 OK 247 B URL HTTP/2 www.99hookups.com/8365/css/styling92b1.css?1579682355
IP 52.58.208.158:0
Hash ec3888642bd2af0e1bb333f8fa03b1d2
abf57e8fdd00152fa0ba69f3f1758a4104c94781
96a3e08c8cb47673ce5ba7e491e24c61482570f75f63395d911c74af22f237df
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/styling92b1.css?1579682355 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 247
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "263-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/sexy01.css
52.58.208.158 200 OK 177 B URL HTTP/2 www.99hookups.com/8365/css/sexy01.css
IP 52.58.208.158:0
Hash 9f91e66771a38562e2f0b533aa6e9ca8
9752b4685a5f96e332062b2ec13655a64439e4da
efdd49c87d9339e9cc51ba25e8dd7d94421283686dc1967fa01ada70cd1f6f13
GET /8365/css/sexy01.css HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 177
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "3fd-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/jquery-migrate-3.0.1.min.js
52.58.208.158 200 OK 3.5 kB URL HTTP/2 www.99hookups.com/8365/js/jquery-migrate-3.0.1.min.js
IP 52.58.208.158:0
Hash 77805915cd6097a4ffda2303afb8c371
8e69abe20647ec0350055f65a2fd780eba5fa0d1
e85b9032ebca10bfa70a4a2ce6a92461aa2d31d7200cc9b2427b565c1cd51194
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/jquery-migrate-3.0.1.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: application/javascript
content-length: 3474
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "2c9d-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/popper.min.js
52.58.208.158 200 OK 7.3 kB URL HTTP/2 www.99hookups.com/8365/js/popper.min.js
IP 52.58.208.158:0
File type ASCII text, with very long lines (20363)
Hash a58f37d3887c59d958259f93a27e51c8
73cd6474966c3337eb4d5d48ccaac3e832a94940
d17499eb5d36405eada4f31a9354a5998a221c6873e26c29c52bedc09d635a16
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/popper.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: application/javascript
content-length: 7301
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "5039-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/popupregister.js
52.58.208.158 200 OK 1.4 kB URL HTTP/2 www.99hookups.com/8365/js/popupregister.js
IP 52.58.208.158:0
Hash 8a4cb4e1d417ced9a128a62bdfebb31c
b36bc5736d80f105fa0c3f4fc3ee48acde936dae
949c10461b14a53bd61d83f9fd8983b28770d188ce9cdc19750ffbf630295820
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/popupregister.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: application/javascript
content-length: 1400
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "14f5-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/mdb.minc11e.css?1552897996
52.58.208.158 200 OK 60 kB URL HTTP/2 www.99hookups.com/8365/css/mdb.minc11e.css?1552897996
IP 52.58.208.158:0
File type ASCII text, with very long lines (38486)
Hash 539f0a939fac888612159ab7fb6420d8
8bb471e03c0302095904253e333ca87eb04b8a30
ec32fbfee0e53ef3e96e42f65611358ed41ea1bf4506fdabf0ceb08b8317fb83
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/mdb.minc11e.css?1552897996 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 59754
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "7e452-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/magnific-popup.js
52.58.208.158 200 OK 12 kB URL HTTP/2 www.99hookups.com/8365/js/magnific-popup.js
IP 52.58.208.158:0
Hash a37c2f881af845832c079445350ccbd5
b56cb163d6cd21b085b3ff999c767c41251d901b
a1ac9ef12d519d4ea7a8c64b32a1d6830e03876179fc7f2420e4bee2212b2ead
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/magnific-popup.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: application/javascript
content-length: 12489
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "a302-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/css/general5146.css?1552897995
52.58.208.158 200 OK 925 B URL HTTP/2 www.99hookups.com/8365/css/general5146.css?1552897995
IP 52.58.208.158:0
File type ASCII text, with very long lines (614)
Hash c5ff36e73e405f3e6667338f03fd412d
5b721e559c8bc30d192a99ea629ed071af2fc7c0
9f059784cba05862335685405be3b6a324749eae1f7f0a0440fb1e9e358e3007
Analyzer Verdict Alert fortinet Phishing
GET /8365/css/general5146.css?1552897995 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/css
content-length: 925
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "cb7-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/multistep.js
52.58.208.158 200 OK 1.8 kB URL HTTP/2 www.99hookups.com/8365/js/multistep.js
IP 52.58.208.158:0
Hash b63c4f1aaef1528ff8397e7e709069a1
30e004c8f55af4f59c8a1df2920ed2e89acdc9cd
a9e61e8884ead1951df41040a5b33e14897edabc61ed70e36080ad36af780976
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/multistep.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: application/javascript
content-length: 1847
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "1743-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/main.js
52.58.208.158 200 OK 917 B URL HTTP/2 www.99hookups.com/8365/js/main.js
IP 52.58.208.158:0
Hash d0714f85e07e266d5aedb365a16dab2a
445a74e992569083e1665e86c6dd38f775d6fa5e
f51d7e225bed358cfecfc48c0652f043981ae10e79953226e6fcb84d0cdca9bf
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/main.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: application/javascript
content-length: 917
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "a6c-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/bootstrap.min.js
52.58.208.158 200 OK 14 kB URL HTTP/2 www.99hookups.com/8365/js/bootstrap.min.js
IP 52.58.208.158:0
File type ASCII text, with very long lines (50758)
Hash 2cb8caa8c251fe1763b6b2f447a6b169
0f9316b868e48b83ca40c4709c13cd6fff5c2eb5
c7904677b8b2f52c1e0d24522cea665310a3afc75f371fd3d226afd79110f332
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/bootstrap.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: application/javascript
content-length: 14085
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "c75f-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/jquery.min.js
52.58.208.158 200 OK 30 kB URL HTTP/2 www.99hookups.com/8365/js/jquery.min.js
IP 52.58.208.158:0
File type ASCII text, with very long lines (32058)
Hash 3430607b4301113ad9394c9260eef3f0
8c4db68b161b17e31be300e968a30ab0116b3193
31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/jquery.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: application/javascript
content-length: 30138
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "15283-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash a8bfe6a241759954061bc4408e9139ea
85c26e137b8b2089cbe5caf61b13ad2578d0c60f
4df62f609630f61c24553362d5ff9d1a68d7633ce02e184f19431ca82e15498f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4082
Cache-Control: max-age=124495
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 22:28:26 GMT
Etag: "63982fe7-117"
Expires: Thu, 15 Dec 2022 09:03:21 GMT
Last-Modified: Tue, 13 Dec 2022 07:55:19 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 22:28:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.13.69.101 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lhgMs4d8otTh0iijr8iWmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kpGaaJz7bhx1+Lb5ZMMHrheWP2k=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 22:28:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.99hookups.com/8365/jpg/01.jpg
52.58.208.158 200 OK 319 kB URL HTTP/2 www.99hookups.com/8365/jpg/01.jpg
IP 52.58.208.158:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=19, height=3331, bps=242, compression=none, PhotometricIntepretation=RGB, description=Shot of a sexy young woman lying on a bed in her underwear, manufacturer=NIKON CORPORATION, model=NIKON D800E, orientation=upper-left, width=4879], baseline, precision 8, 1920x1311, components 3\012- data
Size 319 kB (319050 bytes)
Hash a8f5da5ec1df5db534b44b036c7965b0
82442b958b8718f0f3a37d565a1ab35af20ebb6c
0af14c2c165490aae26d0ecd81a69f11a5d21e2ba0b719e833997381e9cbe630
GET /8365/jpg/01.jpg HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/css/sexy01.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: image/jpeg
content-length: 319050
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "4de4a-5eed76fe1c680"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.99hookups.com/8365/woff2/fa-solid-900.woff2
52.58.208.158 200 OK 50 kB URL HTTP/2 www.99hookups.com/8365/woff2/fa-solid-900.woff2
IP 52.58.208.158:0
File type Web Open Font Format (Version 2), TrueType, length 50372, version 1.0\012- data
Hash 8a8c0474283e0d9ef41743e5e486bf05
1ba4dd60af529d1a72d0e57467c3bc0bbb728a4d
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
Analyzer Verdict Alert fortinet Phishing
GET /8365/woff2/fa-solid-900.woff2 HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.99hookups.com/8365/css/all.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: font/woff2
content-length: 50372
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "c4c4-5eed76fe1c680"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 5f86f86d3289b74fb4a8d6f73a6024bc
d29cab862957d13dc426dee86bb2feb2819443af
b8bc62b390c643501d1f44932e845d361695d590930c766ead9b3d417e9e1c94
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Dec 2022 22:28:26 GMT
Etag: "6397bc81-1d7"
Last-Modified: Tue, 13 Dec 2022 20:40:48 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4Ts-zA5Mg0PwlA1sPAZiZG1bYPupvTZ2c8U9igDaFFgF3GlorGc4LA==
Age: 6459
www.99hookups.com/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO
52.58.208.158 302 Found 0 B URL HTTP/2 www.99hookups.com/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO
IP 52.58.208.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/html; charset=UTF-8
content-length: 0
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.1.33
location: /newlanders/index.php/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO
X-Firefox-Spdy: h2
www.99hookups.com/newlanders/index.php/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO
52.58.208.158 404 Not Found 1.1 kB URL HTTP/2 www.99hookups.com/newlanders/index.php/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO
IP 52.58.208.158:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc10f358967a59750ef6fd9a698e2d60
3fc472d167c41a4193625aff84ee6e599b302002
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2
Analyzer Verdict Alert fortinet Phishing
GET /newlanders/index.php/users/places/countries.json?data%5BProfile%5D%5Bprofile_country_id%5D=NO HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: text/html; charset=UTF-8
content-length: 1130
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.1.33
X-Firefox-Spdy: h2
live.connect2api.com/langlog?country=NO&lang=en&en=1&nl=0&de=0&es=0&fr=0&it=0&langs=en-US,en
3.121.64.120 200 OK 99 B URL HTTP/2 live.connect2api.com/langlog?country=NO&lang=en&en=1&nl=0&de=0&es=0&fr=0&it=0&langs=en-US,en
IP 3.121.64.120:0
File type JSON data\012- , ASCII text
Hash aef377e477b35e8352ffb4dfadccf881
3dc7cf829839b732cd764e1a36905f47e83d43ff
06a81b1f0fda6bc4c6cd8a0a0321b3ed9e944ebdf2c40433b4dad32c0aa371f7
GET /langlog?country=NO&lang=en&en=1&nl=0&de=0&es=0&fr=0&it=0&langs=en-US,en HTTP/1.1
Host: live.connect2api.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.99hookups.com
Connection: keep-alive
Referer: https://www.99hookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:27 GMT
content-type: application/json
content-length: 99
server: Apache/2.4.54 () PHP/7.4.32
x-powered-by: PHP/7.4.32
access-control-allow-origin: *
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
allow: GET, POST, OPTIONS, PUT, DELETE
app: MadOffersAPI
cache-control: no-cache, private
set-cookie: laravel_session=eyJpdiI6IjN5SWpwOTR3TmQzNWZkKzJ2am40dVE9PSIsInZhbHVlIjoiR0tzZnlwaEV4VFF2ZkpCNGZIVzBZWC9KcFF5eG01M0N2V2RueVdIZUNSOEFnc3k2R3RGRC9ISWFtelVmN1JmNUMzeGlTUDRKZkE5cld6UG1JOEZjN0QxYUpUemhMdDZBUUdRc3JUcUVWQjB2aGJQbkdTKzZ4NHBybHI5aTdLN0QiLCJtYWMiOiJjNmY0NmI0MTlhNmQwZTMwZDAxZjMyZjNmMWJlNGUxMGY0NTI3MmM0YTMzMjVjYTM0ODExYjkyZjU1ZjgwMmZmIn0%3D; expires=Wed, 14-Dec-2022 00:28:27 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Firefox-Spdy: h2
www.99hookups.com/8365/apple-touch-iconddb4.html?v=9By5Al4mbO
52.58.208.158 200 OK 113 B URL HTTP/2 www.99hookups.com/8365/apple-touch-iconddb4.html?v=9By5Al4mbO
IP 52.58.208.158:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 6c5b2506fbc238513557991cdbbacbad
242cf192558ef2ddd6632fe991d073484ef60a43
9c09b7c8795f96108cf7bb83f091b0b45fbebf55832dbd167e31567664e32d2e
Analyzer Verdict Alert fortinet Phishing
GET /8365/apple-touch-iconddb4.html?v=9By5Al4mbO HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:27 GMT
content-type: text/html
content-length: 113
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "99-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.99hookups.com/8365/png/favicon-16x16ddb4.png?v=9By5Al4mbO
52.58.208.158 200 OK 1.3 kB URL HTTP/2 www.99hookups.com/8365/png/favicon-16x16ddb4.png?v=9By5Al4mbO
IP 52.58.208.158:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b8be4c55f444e9ce21873703c20a36a6
6c0b08d3ee1b8d8d5f22954bd6e7cb04d6990c53
ddd1d4d315cae5c0a7c93cf642aac0532d4476e9c146e5ba3e1a44fa438f0faf
Analyzer Verdict Alert fortinet Phishing
GET /8365/png/favicon-16x16ddb4.png?v=9By5Al4mbO HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:27 GMT
content-type: image/png
content-length: 1327
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "52f-5eed76fe1c680"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6951
Expires: Wed, 14 Dec 2022 00:24:18 GMT
Date: Tue, 13 Dec 2022 22:28:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6951
Expires: Wed, 14 Dec 2022 00:24:18 GMT
Date: Tue, 13 Dec 2022 22:28:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6951
Expires: Wed, 14 Dec 2022 00:24:18 GMT
Date: Tue, 13 Dec 2022 22:28:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qd7ZLBasMl-7gVScLfJ4kxx2fbcyeL21COqu3913iENoLFvK8wkEvA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 22:16:33 GMT
age: 714
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027a9fc390a10242c7389ac20d8be93a
9bc06ec4c13fd3f14bde06387d56814f2a886a88
8ef7b73d6657c8d5cfd26fcad97b82f0acd21637d7ee8af84688295ffca85093
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4041
x-amzn-requestid: 5f92302c-f41f-46a4-9283-2c5d49c3c282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpc2Gl5IAMFzUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef85-54bd3ad3579e0d081e17b206;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RuZ47uh2aq0Ib0ZGmC7gBooDauMtzuzRZspYkVePk5lFecEIrgTqFw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:57:03 GMT
age: 1884
etag: "9bc06ec4c13fd3f14bde06387d56814f2a886a88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d49a2e8-6397-48d9-8a2f-003677673ab9.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d49a2e8-6397-48d9-8a2f-003677673ab9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d88bf89485f0467547ed7e40f3b49ec2
61502d9e6f5d952a6b4c561537da1ce7a006bf7a
cefe64030201fb9442c0282b5eaee9deb0c9505b53a698f212ab7d8fa34c8627
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d49a2e8-6397-48d9-8a2f-003677673ab9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11169
x-amzn-requestid: 0ba7adab-24bd-4c1b-9f63-38ad94b3010d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKoHu3oAMFhvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-217102b4485f14cb2b27115b;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LrKSYDn-_OpFhGCOrTnLm7OuF65KwWfbc_FtvARG0KMgrZOsfBH39w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:53:16 GMT
age: 2111
etag: "61502d9e6f5d952a6b4c561537da1ce7a006bf7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75239c2b-388d-496a-beed-8bd1140a34de.webp
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75239c2b-388d-496a-beed-8bd1140a34de.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 577cee5a6996494cac7908537e16b192
c598173a2cf846c6cb572b19c754929230318cad
3d2cec49a818850f1a30e6087f8654dceea8b6f16221e2bb15fb9d7e90f6fe96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75239c2b-388d-496a-beed-8bd1140a34de.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5106
x-amzn-requestid: eb043760-3b4b-4b84-b2b0-f0fd98d3e47d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpLoEP-oAMFddA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef17-4b7553a0354fc9a021f0fa50;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:31:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ma2_pbWp6bdRX_FjDKvUK4GI2MbnqHDVWnGUc4xZESPpZjBBH_tQJw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:51:15 GMT
age: 2232
etag: "c598173a2cf846c6cb572b19c754929230318cad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf99cc35-2988-4958-a87c-f7f44e2094c7.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf99cc35-2988-4958-a87c-f7f44e2094c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f8501112ef886bfa0aaf2239cee2d312
f07542e9312ef0b42c96f2687766fe46f57f38cb
296c8dd5bdcb6ff49fcfebe464a7baa9c22bbe8ef6fef0798e92b10e1b3b1ac9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf99cc35-2988-4958-a87c-f7f44e2094c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4294
x-amzn-requestid: a906aaed-cfa3-453a-b872-87f906f6251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGp1ME7aoAMFWyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398f021-23ddca2815a10a181549c5d8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:35:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2uDwp7t_YtOtwnTAUFA9n_mcS-JHhi37LnqgWhLYF6We8IQl6gfCBQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:55:32 GMT
age: 1975
etag: "f07542e9312ef0b42c96f2687766fe46f57f38cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bc4ff2a-b394-4d5e-b82e-4d1694be9750.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bc4ff2a-b394-4d5e-b82e-4d1694be9750.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93cb79f5ffbade1f22774ed3f361e77b
f3363bd8a3584d0307943c4b6d2b97cf1f5560c7
568328e7d8c93e378e18c6d0cf6a2d2ea306815f0c07f75ea8042e918f3b9f81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bc4ff2a-b394-4d5e-b82e-4d1694be9750.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9519
x-amzn-requestid: 1a47ee43-6b5e-4eda-a047-fd852b978248
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKnGUgIAMFWmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-4f7825ea052953e7264bf156;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w6g6AsstOQ6ZIPX-tUc6ktrson2-tuVogtvns2szLQDqNO6_Te8Feg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:53:13 GMT
age: 2114
etag: "f3363bd8a3584d0307943c4b6d2b97cf1f5560c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.99hookups.com/8365/jpg/02.jpg
52.58.208.158 200 OK 211 kB URL HTTP/2 www.99hookups.com/8365/jpg/02.jpg
IP 52.58.208.158:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1403, components 3\012- data
Size 211 kB (211150 bytes)
Hash c05ba08d5920283a9406326e4b746403
72907f01dfd875ac91a3b4c39290340a001e5729
4ea8b15b0e28bb505acf8e33f69cd99d54f461434335bb806b6e89b3fb2d2d7e
GET /8365/jpg/02.jpg HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/css/sexy01.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:31 GMT
content-type: image/jpeg
content-length: 211150
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "338ce-5eed76fe1c680"
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91bfedca-f74c-4bc0-9808-bfbd384a8508.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91bfedca-f74c-4bc0-9808-bfbd384a8508.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 52310941c29a5fa39c1f50ecad222db4
164f9c5dc80de2448be587cc9e0b6b2865be6c1c
abfaee5861e073a3448d4509137a8ae41c87810dbdc1a226870e4d67b9b372d4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91bfedca-f74c-4bc0-9808-bfbd384a8508.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: 22dd6bae-36a5-4ba0-b397-379b3d9bdc1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpL9EHSIAMF5gA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef19-362a6bc00c386225614a01f3;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:31:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: l3954iwz4TwRHMAh5kIDd9SaSiLmo65LhhJIDk4i9bfXn3k-xh34kg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:59:56 GMT
age: 1718
etag: "164f9c5dc80de2448be587cc9e0b6b2865be6c1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52 200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2177
expires: Fri, 16 Dec 2022 22:28:26 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 779221feec22b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/jquery-ui.min.js
52.58.208.158 200 OK 0 B URL HTTP/2 www.99hookups.com/8365/js/jquery-ui.min.js
IP 52.58.208.158:0
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/jquery-ui.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: application/javascript
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "3ab2b-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto
IP 142.250.74.106:0
GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 22:28:26 GMT
date: Tue, 13 Dec 2022 22:28:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.99hookups.com/8365/js/mdb.min.js
52.58.208.158 200 OK 0 B URL HTTP/2 www.99hookups.com/8365/js/mdb.min.js
IP 52.58.208.158:0
Analyzer Verdict Alert fortinet Phishing
GET /8365/js/mdb.min.js HTTP/1.1
Host: www.99hookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.99hookups.com/8365/?country=NO&region=Oslo+County&city=Oslo&brands=99hookups.com&clickid=8cc322e363ad489c9125b8cd95da634d&pi=120&campaignId=&var1=&var2=&var3=&traffic_type=A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 22:28:26 GMT
content-type: application/javascript
server: Apache/2.4.38 (Debian)
last-modified: Fri, 02 Dec 2022 12:25:46 GMT
etag: "6624d-5eed76fe1c680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2