r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3720
Expires: Sat, 21 Jan 2023 01:52:07 GMT
Date: Sat, 21 Jan 2023 00:50:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b36ef73c20dffb6bc10194bbd2d0dcfa
a67a4023dc8b4944debaeb92f3ba0f1402c079a6
05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10763
Expires: Sat, 21 Jan 2023 03:49:30 GMT
Date: Sat, 21 Jan 2023 00:50:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 00:49:34 GMT
content-type: application/json
age: 33
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7afaa97fbfa9baa1485c892eac8e114d
8c17c707c218e28ac14197ce8e5eef873207a732
59db16baacb452453dbf44fc2a24f25ab09c4dbaec3a9271fda84230d8f11925
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59DB16BAACB452453DBF44FC2A24F25AB09C4DBAEC3A9271FDA84230D8F11925"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14314
Expires: Sat, 21 Jan 2023 04:48:41 GMT
Date: Sat, 21 Jan 2023 00:50:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4yx4hnN62wh11RqzK3AvDP5LbD7Fd8WNn0gYs5HE5XW7fUJxddYqyElkbBVZnBsQSlcd/naSHiA=
x-amz-request-id: NNRHA92JXENQP4ZT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 00:17:48 GMT
age: 1939
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 00:50:07 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
damefans.com/ad_short.php?hash=835fab3a272899ee
69.16.230.42 200 OK 2.3 kB URL HTTP/1.1 damefans.com/ad_short.php?hash=835fab3a272899ee
IP 69.16.230.42:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (640)
Hash 554365a0ab7e76f371faf58a3dd02a64
f7621d1e50065df405c66697fcf72de4a17e478c
41d84e2c81796d67331bdaca737ab38b94fb8b0778a09c20760ff42f52cb5069
GET /ad_short.php?hash=835fab3a272899ee HTTP/1.1
Host: damefans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 00:50:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bdb8a13dfce39d6e151a9ef185a772a1
037a680510f9dbce3c7cc3c0f9115fd587dbcd1d
98c8b7f269b9aad73b73fd946788ebfd7a4d7afbdd5347b56c67f73b947f5ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5128
Cache-Control: max-age=121335
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 00:50:08 GMT
Etag: "63ca59af-1d7"
Expires: Sun, 22 Jan 2023 10:32:23 GMT
Last-Modified: Fri, 20 Jan 2023 09:06:55 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 00:48:58 GMT
age: 70
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
damefans.com/page/bouncy.php?&bpae=GbhGdK0GvUx%2FjnOcnhv6McHQUIkCgjqbyTUxmI7LaAF6fArkr62B8kXPULatmRMcmejk3F7mvuVw9ul%2FdUw%2B8HMbAv8mYFQDOedGQ5nkl3k1YKGANm0hhearP%2FdYtTbM300%2BBvb5CTFxAQ0rhfe39N6SwfQhX6ttxDLW4u1%2FjDJfwrVfN3azSFZKsUx9oLAfG2yCahGXDEYwInTt7FoNqokgNSRC6HRFYb5e40CFLGwO85uhcF0gNzFGOoz%2FhmMUh5Jy%2Bh9V7Y915O%2B3yyQnIChcOV0TvTauas%2FfZnvkmbtRsBczD8eopxnqpzURHMLfuzZ3OkJ%2B68g8S%2B2lLAlqouEVR%2BbEdJ1J1scrI5tA%2BUYvwXuJms9%2BQRAXTfM4j5LgorMoJ7akah%2Bz%2BSk%2B%2FEzwgnuixDdvk5gQkF7KJkzHXPfTI9lFA9nW4BTSki6iuYE8pbsn0CPNDZOsQjiCGSewv4pE0ZbwW4WoaafE063i9uaXcSBXnJFqdsTPsA%3D%3D&redirectType=js&inIframe=false&inPopUp=false
69.16.230.42 200 OK 982 B URL HTTP/1.1 damefans.com/page/bouncy.php?&bpae=GbhGdK0GvUx%2FjnOcnhv6McHQUIkCgjqbyTUxmI7LaAF6fArkr62B8kXPULatmRMcmejk3F7mvuVw9ul%2FdUw%2B8HMbAv8mYFQDOedGQ5nkl3k1YKGANm0hhearP%2FdYtTbM300%2BBvb5CTFxAQ0rhfe39N6SwfQhX6ttxDLW4u1%2FjDJfwrVfN3azSFZKsUx9oLAfG2yCahGXDEYwInTt7FoNqokgNSRC6HRFYb5e40CFLGwO85uhcF0gNzFGOoz%2FhmMUh5Jy%2Bh9V7Y915O%2B3yyQnIChcOV0TvTauas%2FfZnvkmbtRsBczD8eopxnqpzURHMLfuzZ3OkJ%2B68g8S%2B2lLAlqouEVR%2BbEdJ1J1scrI5tA%2BUYvwXuJms9%2BQRAXTfM4j5LgorMoJ7akah%2Bz%2BSk%2B%2FEzwgnuixDdvk5gQkF7KJkzHXPfTI9lFA9nW4BTSki6iuYE8pbsn0CPNDZOsQjiCGSewv4pE0ZbwW4WoaafE063i9uaXcSBXnJFqdsTPsA%3D%3D&redirectType=js&inIframe=false&inPopUp=false
IP 69.16.230.42:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6312b462c5b380cd3e5b9c339abf258d
13671b68290d152baa74eb71bb13e05ff3be1fdc
cab96f3b73752a7c0c0eb108ad1fa321bc652a0c24459dc78fdc7610b97baad1
GET /page/bouncy.php?&bpae=GbhGdK0GvUx%2FjnOcnhv6McHQUIkCgjqbyTUxmI7LaAF6fArkr62B8kXPULatmRMcmejk3F7mvuVw9ul%2FdUw%2B8HMbAv8mYFQDOedGQ5nkl3k1YKGANm0hhearP%2FdYtTbM300%2BBvb5CTFxAQ0rhfe39N6SwfQhX6ttxDLW4u1%2FjDJfwrVfN3azSFZKsUx9oLAfG2yCahGXDEYwInTt7FoNqokgNSRC6HRFYb5e40CFLGwO85uhcF0gNzFGOoz%2FhmMUh5Jy%2Bh9V7Y915O%2B3yyQnIChcOV0TvTauas%2FfZnvkmbtRsBczD8eopxnqpzURHMLfuzZ3OkJ%2B68g8S%2B2lLAlqouEVR%2BbEdJ1J1scrI5tA%2BUYvwXuJms9%2BQRAXTfM4j5LgorMoJ7akah%2Bz%2BSk%2B%2FEzwgnuixDdvk5gQkF7KJkzHXPfTI9lFA9nW4BTSki6iuYE8pbsn0CPNDZOsQjiCGSewv4pE0ZbwW4WoaafE063i9uaXcSBXnJFqdsTPsA%3D%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: damefans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://damefans.com/ad_short.php?hash=835fab3a272899ee
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 00:50:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.42.124.1 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.124.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +c6a5j/f6VDxf43Tk/g7kQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K5aDOmtTPIXYJk9TghtTzU7Gcdw=
ocsp.r2m02.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 752a9ecb600fccb92029cddbd392610a
23e7716a9d330f244f3ab92c6a70c3c13826da8e
40ec383d8a4320c73374e64b72115fff52fc4024b4f49d2794cebf7bb056086f
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171213
Date: Sat, 21 Jan 2023 00:50:08 GMT
Etag: "63cb1a54-1d7"
Expires: Mon, 23 Jan 2023 00:23:41 GMT
Last-Modified: Fri, 20 Jan 2023 22:48:52 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 118PAzOb4yWdOp5rRj8Qnk9zvm7KcPjQbrle8fwhJIOV6epXh_vFug==
Age: 5689
alia-iso.com/favicon.ico
35.172.34.123 404 Not Found 653 B IP 35.172.34.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcredirect?visitid=8ce3ea68-9925-11ed-8e19-12c7f018e9bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 21 Jan 2023 00:50:09 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: hspMOjbH
X-Firefox-Spdy: h2
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dw2ape1n2ih9h002mig9htn0c&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=8ce3ea68-9925-11ed-8e19-12c7f018e9bf&cid=w2ape1n2ih9h002mig9htn0c&rt=R
18.197.36.77 302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dw2ape1n2ih9h002mig9htn0c&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=8ce3ea68-9925-11ed-8e19-12c7f018e9bf&cid=w2ape1n2ih9h002mig9htn0c&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dw2ape1n2ih9h002mig9htn0c&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=8ce3ea68-9925-11ed-8e19-12c7f018e9bf&cid=w2ape1n2ih9h002mig9htn0c&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 21 Jan 2023 00:50:09 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w2ape1n2ih9h002mig9htn0c
pragma: no-cache
set-cookie: cc-v4=2QEQM80V%2Fa1BymDluVkUO0aJLaIKe%2BjSDgf2C%2FDpyvvDhfFtpTeVrEx0pm9XtsO5pTluDGU4G08yp40n6kwkTZMGw4nK8NZuvkNVHHOEUJSltPjusc2CyDmUQVUKw7J1RtDlIG%2Fl2%2BT46Qxci1yM2A%3D%3D; Max-Age=31536000; Expires=Sun, 21-Jan-2024 00:50:09 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 252a78f655dd8e48e9021d9d9ced3fb3
45507efeb3b6725cc85423f7e6c7fd400171fec5
f5f8907637611ca82d1e6e720c6fa5505bfd72473afcef12f0646acf3507a1a4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F5F8907637611CA82D1E6E720C6FA5505BFD72473AFCEF12F0646ACF3507A1A4"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4094
Expires: Sat, 21 Jan 2023 01:58:23 GMT
Date: Sat, 21 Jan 2023 00:50:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7985
Expires: Sat, 21 Jan 2023 03:03:15 GMT
Date: Sat, 21 Jan 2023 00:50:10 GMT
Connection: keep-alive
winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w2ape1n2ih9h002mig9htn0c
172.67.198.234 302 Found 503 B URL HTTP/2 winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w2ape1n2ih9h002mig9htn0c
IP 172.67.198.234:0
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
GET /Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w2ape1n2ih9h002mig9htn0c HTTP/1.1
Host: winandlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 21 Jan 2023 00:50:09 GMT
content-type: text/html; charset=UTF-8
location: https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa44k73&sub1=38577&sub2=156696&sub3=frd
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa44k73;Expires=Tuesday, 21-Feb-2023 00:50:09 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQwODI5NFwiOjE2NzQyNjIyMDksXCIzMFwiOjE2NzQyNjIyMDl9LFwiY2FtcGFpZ25zXCI6e1wiMTU2Njk2XCI6MTY3NDI2MjIwOSxcIjFcIjoxNjc0MjYyMjA5fSxcInRpbWVcIjoxNjc0MjYyMjA5fSJ9.gOEMp2y1x0fBmPKAfRkdLsDgmLz7tpBW7bQ6DVkf5-0;Expires=Tuesday, 11-Feb-2076 01:40:18 GMT;Max-Age=1674348609;Path=/
_token=uuid_s8hnpa44k73_s8hnpa44k7363cb36c19a86b5.56776725;Expires=Tuesday, 21-Feb-2023 00:50:09 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mg4sppP9qc%2BMwhJ8qCbCgxEyLuGtRUTMF%2FuMcQzJrItZ8WkRa69iHl2dt546eB31k2dZLC53TocaGj7ltK4GeGq95PXmBQ7eC1HkHJ%2FNNBC1uvWYS1sz9qPUV5rY3BvRVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dd98cd5b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7985
Expires: Sat, 21 Jan 2023 03:03:15 GMT
Date: Sat, 21 Jan 2023 00:50:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7985
Expires: Sat, 21 Jan 2023 03:03:15 GMT
Date: Sat, 21 Jan 2023 00:50:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7985
Expires: Sat, 21 Jan 2023 03:03:15 GMT
Date: Sat, 21 Jan 2023 00:50:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a43120101d55af4d7d2cb93aa3f81560
2c1443887c1e4a85ad794f463fc947a97486e091
055cd52ec7c883a67e521fba820e80cbbf8ecb59343f6d48ba5e5d9b22bfddcc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7895
x-amzn-requestid: 3ae300df-5e6c-4c70-a8ed-1475b7580b9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlxaEz2IAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21cd5-1b0ce13023f3ada1112870db;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:09:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xg1Y5GDscYzE6WqYp2jk6lkLoJLBwOHf2vb0k5W3TpytZqDwCI29sg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:07 GMT
age: 11403
etag: "2c1443887c1e4a85ad794f463fc947a97486e091"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96cce020-7bd3-4d07-a265-a0ff76f15c24.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96cce020-7bd3-4d07-a265-a0ff76f15c24.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eff1c7571054ef3a3535dc3cf0756d38
54ccc9d66c916cab0d7b70135e0331d83f57a2d1
6d2f74f27c2622882bf06980569a8a6cf6402e2ec800cf9987c86a3779d1b023
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96cce020-7bd3-4d07-a265-a0ff76f15c24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10300
x-amzn-requestid: ba8a3ff1-2c2c-4f83-8524-20a003f25ca2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etkvHGbOoAMF18g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21b2d-0cc97cf827da6b61341da50c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:02:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ga1TpKKwjTPqwgCqEIag_BOzFo-cKW7WqQkzIJWrPq6Z3CNouaEjnA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:03 GMT
age: 11407
etag: "54ccc9d66c916cab0d7b70135e0331d83f57a2d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd53f06d1-60cf-4ced-8bcd-877162b44d2d.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd53f06d1-60cf-4ced-8bcd-877162b44d2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d59b0db3cc1f31f9154d32804a8e3940
498c310e0f4a84c1350bae55aec0d2a0192f8dda
14a2b4e9763a62478015d8f61bf9e44eb67dfe08a58cc94dc836dc8ff3f1b6cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd53f06d1-60cf-4ced-8bcd-877162b44d2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7014
x-amzn-requestid: 689ad8b2-4ec8-4f61-a31e-7813c9143f9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyFHmEIAMFsHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-7ce5fef1456ecc73690eff07;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PXxvFZpsDInGRXlmeyrMzXPosHbau_hjCc8WkLANO8hB3_oMwmaTjw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 03:36:23 GMT
age: 76427
etag: "498c310e0f4a84c1350bae55aec0d2a0192f8dda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1b8f3e0407b4d6e24afea546ca274e1
d8a70b23dba532ff8a44ebe4e12890efb5e0c584
24cb3abc9ffe27836d8e0bf2a1eff295d504e09b02237dc4dda938e012c49425
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6377
x-amzn-requestid: 065663fc-8bc2-4b83-a7e3-ad4e24f895f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EzgHCHIAMFvqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4e3-6bbc3fe80ba4a7de13b99982;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7hsIPpZNQAsTnfmZfp3DHd5GqY2YuauD2Y5gyDi_MUyWYfZ3BPoYlg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 03:36:31 GMT
age: 76419
etag: "d8a70b23dba532ff8a44ebe4e12890efb5e0c584"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b48f53e84a3ec564b35cf6b0754d09bb
dc7ad580f90e8af4349f409fb0302a79c672ff99
37d8f9a37eed22705123275ac7a36ff34bcdea1b2faaa7108a7112afe5a8201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6068
x-amzn-requestid: 8962c77a-e852-426f-b37a-024546e0a2ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD5VKG_zoAMFgZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb08ed-368af491496d024a0142b0e4;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GVOdNzEzcPvkVkDOfnHOI1RPDfuJ_gUmoqYFkge2Qdp87B0wdOA6Bw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:03 GMT
age: 11407
etag: "dc7ad580f90e8af4349f409fb0302a79c672ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385e5d7b-4f16-45a4-88c5-4be5cf466dc4.png
34.120.237.76 200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385e5d7b-4f16-45a4-88c5-4be5cf466dc4.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88ce2ee581e7de15d22f970712c19697
f4613423c66d24c5b2f0fb89166bce2a1a1e28d9
a09f389c010877312b475a22863b08c01be546bce497bfbd2f012c0bdd19170c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385e5d7b-4f16-45a4-88c5-4be5cf466dc4.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 17445
x-amzn-requestid: ffac5525-cb01-4b18-b94e-7ea6f7fbff37
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7NDSEePoAMFxeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c78ee1-2f90aeaf3c5658c512b41c13;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 06:17:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pOY088GAKublVWuanaT50b1XZcFYievZZqbZriTE0Y1mhI9z-eZVVw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 22:54:24 GMT
age: 6946
etag: "f4613423c66d24c5b2f0fb89166bce2a1a1e28d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 252a78f655dd8e48e9021d9d9ced3fb3
45507efeb3b6725cc85423f7e6c7fd400171fec5
f5f8907637611ca82d1e6e720c6fa5505bfd72473afcef12f0646acf3507a1a4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F5F8907637611CA82D1E6E720C6FA5505BFD72473AFCEF12F0646ACF3507A1A4"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4093
Expires: Sat, 21 Jan 2023 01:58:23 GMT
Date: Sat, 21 Jan 2023 00:50:10 GMT
Connection: keep-alive
m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa44k74&sub2=34496&sub3=21&sub4=s8hnpa44k73&sub5=38577&sub6=156696&sub7=frd&sub8=
104.21.11.83 302 Found 0 B URL HTTP/2 m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa44k74&sub2=34496&sub3=21&sub4=s8hnpa44k73&sub5=38577&sub6=156696&sub7=frd&sub8=
IP 104.21.11.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=34496&offer_id=5246&sub1=s8hnpa44k74&sub2=34496&sub3=21&sub4=s8hnpa44k73&sub5=38577&sub6=156696&sub7=frd&sub8= HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 21 Jan 2023 00:50:10 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63cb36c29950ac0001941a95&s4=34496
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63cb36c29950ac0001941a95; expires=Sun, 21 Jan 2024 00:50:10 GMT; secure; SameSite=None
afoffers={"5246":1674262210}; expires=Sun, 21 Jan 2024 00:50:10 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xA8O3uXgT3giJRPtxN5bDbZrG9al32VJwMcdtDSgcC7pFu4oDhE7PQ5SoIyxTYOwSuzTh2YqhpAmKK%2FwFVgSSc7wvq3RhfbX1fpeIcvYaoz%2BMewuVeve98nBpTL5sLXGGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0ddd9d090b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash e4f39d6b4ebc23ec06c70420ad1408d0
75e983d00d2752925cac40697be83e396e5736d3
499f0a6cf0fa063bb057ed5b7d3d226ae5d57c08d75ac8943f8c0dc43c9bced3
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 00:50:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 24 Jan 2023 23:36:31 GMT
ETag: "75e983d00d2752925cac40697be83e396e5736d3"
Last-Modified: Fri, 20 Jan 2023 23:36:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78cc0ddefb1e1c02-OSL
meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63cb36c29950ac0001941a95&s4=34496
34.242.160.154 302 Found 269 B URL HTTP/1.1 meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63cb36c29950ac0001941a95&s4=34496
IP 34.242.160.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 6bb00d74413d1a8a6beba2150050366a
2d6de73ca8b9b4e6c759a397711221eba86f35cf
f6bb0db40d514e5b49e6ae62f9d1b6bffa60ea606092b7711c4389ab7a9f0570
GET /?a=16295&c=43694&p=r&s1=&s2=a_63cb36c29950ac0001941a95&s4=34496 HTTP/1.1
Host: meshho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 269
Content-Type: text/html; charset=utf-8
Date: Sat, 21 Jan 2023 00:50:10 GMT
Location: https://fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63cb36c29950ac0001941a95&s4=34496&ckmguid=9dd6d784-e47b-4034-ab78-785a75d04d40
Connection: close
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 8a69d2e16f6dadf00b03a0c4482b4518
6bec2529182f394cdec9f9cb40c92adea48214f6
2daa1a2a563e00bd89f54768f55c22147c2d4ca9a7ec4a22f5bcc4ccf4dd2b64
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 00:50:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 24 Jan 2023 23:11:06 GMT
ETag: "6bec2529182f394cdec9f9cb40c92adea48214f6"
Last-Modified: Fri, 20 Jan 2023 23:11:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78cc0de27d5e1c02-OSL
fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63cb36c29950ac0001941a95&s4=34496&ckmguid=9dd6d784-e47b-4034-ab78-785a75d04d40
52.51.210.211 302 Found 234 B URL HTTP/1.1 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63cb36c29950ac0001941a95&s4=34496&ckmguid=9dd6d784-e47b-4034-ab78-785a75d04d40
IP 52.51.210.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7532efbcf48f5d45bfd4f93788229f0f
2ab8bedeeef016d179e8d70d2f433cdebbe7b567
33acf11e3266000a9dd4ce0555718ec11eac5076c3e3d26d860e1101ee9c4616
GET /?a=16295&c=43694&p=r&s1=&s2=a_63cb36c29950ac0001941a95&s4=34496&ckmguid=9dd6d784-e47b-4034-ab78-785a75d04d40 HTTP/1.1
Host: fordats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Sat, 21 Jan 2023 00:50:11 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742109848&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=sdnq8ytJNANKyROt4EP/37mZub2aFGaU3oO//RBNDcVsg31Fg+2Q+A==; domain=.fordats.com; path=/; HttpOnly
trk=YbZZv10n4uPINu1SGwdkkrmZub2aFGaU3oO//RBNDcVsg31Fg+2Q+A==; domain=.fordats.com; expires=Tue, 21-Jan-2025 00:50:09 GMT; path=/; HttpOnly
c36197=sdnq8ytJNAMoH/D4GaBKCaXCLr3IWHZmn0fns9jiMrZeCUghiDE1Zg==; domain=.fordats.com; expires=Mon, 20-Feb-2023 00:50:09 GMT; path=/; HttpOnly
Connection: close
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742109848&source=16295&sum=
18.193.146.82 302 Found 0 B URL HTTP/2 bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742109848&source=16295&sum=
IP 18.193.146.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742109848&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 21 Jan 2023 00:50:11 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/032107/n.php?cep=lJy7BMwxcccJ7ZYdUDoqQyS6-jX8GAHMhlasAkT2cDLuTpM5CN2HSQh-ed6yxYt9QYB6pyWPUMYUy0KfVxfYrGRpCjDpNra5KzMWG5JFfzCPPQQ5GJ4a-dwd5SogAXUXWQh0vZ5kznghf4BxUDfpK-1djUCxXMrpoEPfrGjuBwu3q_Gr-K0nDcxRpuKpASmFgpv4fW_p9h9nF-SIk0UuJ_QrBlJ60jqXmMNjObq7ugkAaKcf23MSKU11GGzn2JXlffCCvDw4yqZweualrQMfTWWFDpIH5Jqpc1S6X6eGQWDUadL4CfVp1nvPT6TfsQoZnt-KpkmZ7Yz75oxTFYUPysWG-ZWtV1udKa3iFtt_PHkA8Y5r-HotJ5lR4jvJFsd41I-hF2W-fJFfsQw4em4IkLVw93Cf0dUwZLtdI6j6kNw&lptoken=16d874582694407c11ee&external_id=36197-742109848&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=5NE_cYLeUnHM9-eQrPd7q4iYFRy9ttg0rm_dpl_ZACE; Max-Age=86400; Expires=Sun, 22-Jan-2023 00:50:11 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=VxzaKS597GxgPQxXsTH23TAM0oQnGwK3U6feEEUfxBeqsOsbYDZcaBbkvrRTKSNndV6GlEpZEAFeH4iuTfV0ESb6BfMx0KGT0ECEG5Smmb5ydiUW2asx3WsvCVQrJ10z4BaaKx_rX-94raKFQnHddqXac0BeYg_QQp9KlkDRSRM1EeqV2vZjaChOP-blGXRBqCg1KOLJGDlbypa1EslcwuTZAQmK02YqWvO3T9PD8u8dXqGobAFYBMNLwh89Kd3QwNJVlR-_Sst83oGG008C9ef6jAnCv-ZQidwX8gs1U6Dt6uYCPjquevrOC6CfVaI_hbW_cVzdRsuqEDkLaf6_Y3gZ9Esh3YFVv5jJpTTs4kf06hieE8L008ZbXJN842-GOs_suZtLU4GOJxeMbDN3WpA-EO0at8_--yPQ_4Pb5ek; Max-Age=86400; Expires=Sun, 22-Jan-2023 00:50:11 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
104.26.13.87 200 OK 32 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
IP 104.26.13.87:0
File type ASCII text, with very long lines (65451)
Hash ccc2574a1377239d29e31ba50ba76f29
9428c0a184393ec6cdb815e6320cbc3978e49843
27fb3a4f618705f7df140587c82eab0c05fa87a6123106f9bf94d76cad4edb53
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 21 Jan 2023 03:26:05 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77047
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vKpCraeqbV1MAMpqox731NoTYYNggxvwaeWrRrBCzonEISQQM1v9vpC5tp75EjVMGZCIYfnhIcTTHrq3yNN73uLkdcZ4x1aN%2BIqrVto5P0U9Ik8XkNYGMXrDENVua%2F%2BZ1LgcwQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dea6ecbb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
104.26.13.87 200 OK 8.3 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP 104.26.13.87:0
File type Unicode text, UTF-8 text, with very long lines (23122)
Hash 8d868b7a6fc57a5dcb4e79ae36cbf515
4f89c043efdd4cbc397f83dfc3cf594c13c126c2
6920d97eb81a85786a1576840150dae6a1dd4f07358377f0a14ff46001c736ee
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 21 Jan 2023 03:26:05 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77047
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER%2BE%2FlqkbTSbLiJXbntIfHkrO%2BE8eYeRlpyQOYpL7nFkJjgNOahx9YvLyvvXNpoaIqb84qyFu%2Fk67LYMGIN3O2n82Jlg5CD4Z0uAE7Jt%2FujkMJdoEfyVkyuz5BKH5yHRVpUFNSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dea6eccb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949
142.250.74.138 200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949
IP 142.250.74.138:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js?1508931949 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 22:17:40 GMT
expires: Sat, 20 Jan 2024 22:17:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 9152
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
104.26.13.87 200 OK 6.0 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP 104.26.13.87:0
File type Unicode text, UTF-8 text, with very long lines (17654)
Hash bdb79f9631733f58ebe83752318f5572
ef0776614dc3570681c581682111f75e52054a69
cc02a0debdb4052b1099a70f2d3beaa6c080cfbff14804ebb71ff94474b3be2e
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 21 Jan 2023 03:19:59 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77413
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hucj0mHUvLCleq99qQVax25tmMJsvCAljE60e%2BKn5EbesnSb9xhabwgx8Y8WFJe4Saxa94LNsX26JC9rWJ3qfNWD0IrbzCydXLe8mUO01rXZ1mq7mNpsn2MPIYBPE7SspmIfV9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dea6ecdb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 00:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.api-push.com/get-keys
172.64.163.28 204 No Content 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 21 Jan 2023 00:50:12 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2bFeeHR%2FLG1DHhEmugKjk6TcOvZD2SKtAUb3yiJS6zFaMGlazXxMN%2BzucLKAGJYU70u00p9W6qtyI92%2Fb2TQoei3zczih7C6BA%2BLGnK0ioEelHCcXY9EB20gz8bVEQdCUe0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dec1be6731e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/n.php?cep=lJy7BMwxcccJ7ZYdUDoqQyS6-jX8GAHMhlasAkT2cDLuTpM5CN2HSQh-ed6yxYt9QYB6pyWPUMYUy0KfVxfYrGRpCjDpNra5KzMWG5JFfzCPPQQ5GJ4a-dwd5SogAXUXWQh0vZ5kznghf4BxUDfpK-1djUCxXMrpoEPfrGjuBwu3q_Gr-K0nDcxRpuKpASmFgpv4fW_p9h9nF-SIk0UuJ_QrBlJ60jqXmMNjObq7ugkAaKcf23MSKU11GGzn2JXlffCCvDw4yqZweualrQMfTWWFDpIH5Jqpc1S6X6eGQWDUadL4CfVp1nvPT6TfsQoZnt-KpkmZ7Yz75oxTFYUPysWG-ZWtV1udKa3iFtt_PHkA8Y5r-HotJ5lR4jvJFsd41I-hF2W-fJFfsQw4em4IkLVw93Cf0dUwZLtdI6j6kNw&lptoken=16d874582694407c11ee&external_id=36197-742109848&source=16295&sum=
104.26.13.87 200 OK 53 kB URL HTTP/2 mycasualhookups.com/sl/html/032107/n.php?cep=lJy7BMwxcccJ7ZYdUDoqQyS6-jX8GAHMhlasAkT2cDLuTpM5CN2HSQh-ed6yxYt9QYB6pyWPUMYUy0KfVxfYrGRpCjDpNra5KzMWG5JFfzCPPQQ5GJ4a-dwd5SogAXUXWQh0vZ5kznghf4BxUDfpK-1djUCxXMrpoEPfrGjuBwu3q_Gr-K0nDcxRpuKpASmFgpv4fW_p9h9nF-SIk0UuJ_QrBlJ60jqXmMNjObq7ugkAaKcf23MSKU11GGzn2JXlffCCvDw4yqZweualrQMfTWWFDpIH5Jqpc1S6X6eGQWDUadL4CfVp1nvPT6TfsQoZnt-KpkmZ7Yz75oxTFYUPysWG-ZWtV1udKa3iFtt_PHkA8Y5r-HotJ5lR4jvJFsd41I-hF2W-fJFfsQw4em4IkLVw93Cf0dUwZLtdI6j6kNw&lptoken=16d874582694407c11ee&external_id=36197-742109848&source=16295&sum=
IP 104.26.13.87:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4330)
Hash 994f931031209413923e0800673be458
f4d2cf061bcffc0b520e64b4f6f23f23dbe48461
faaf6cadc94192e83c1cdbc9310d996c637aa94bd75eba0b8d36bc1654652a35
GET /sl/html/032107/n.php?cep=lJy7BMwxcccJ7ZYdUDoqQyS6-jX8GAHMhlasAkT2cDLuTpM5CN2HSQh-ed6yxYt9QYB6pyWPUMYUy0KfVxfYrGRpCjDpNra5KzMWG5JFfzCPPQQ5GJ4a-dwd5SogAXUXWQh0vZ5kznghf4BxUDfpK-1djUCxXMrpoEPfrGjuBwu3q_Gr-K0nDcxRpuKpASmFgpv4fW_p9h9nF-SIk0UuJ_QrBlJ60jqXmMNjObq7ugkAaKcf23MSKU11GGzn2JXlffCCvDw4yqZweualrQMfTWWFDpIH5Jqpc1S6X6eGQWDUadL4CfVp1nvPT6TfsQoZnt-KpkmZ7Yz75oxTFYUPysWG-ZWtV1udKa3iFtt_PHkA8Y5r-HotJ5lR4jvJFsd41I-hF2W-fJFfsQw4em4IkLVw93Cf0dUwZLtdI6j6kNw&lptoken=16d874582694407c11ee&external_id=36197-742109848&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Sat, 21 Jan 2023 00:55:12 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdJlDuWCGCm%2BOv%2Frh1fs%2BxTOTJuv7rsRUpx8gh95Jllm2aBIWfKflu25ALCnZH7%2BVm7aXsSmSG%2BxBTimu2%2BMxDUeeGgHHPXY6QtUEEQiKkH2OQp4WEKzsG2JE4itq%2F3O16KuHAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0de69c38b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/img/top_panel.png
104.26.13.87 200 OK 1.2 kB URL HTTP/2 mycasualhookups.com/sl/html/032107/img/top_panel.png
IP 104.26.13.87:0
File type PNG image data, 640 x 63, 8-bit colormap, non-interlaced\012- data
Hash 3d5a8980cd2bd44fdcc440b2b4a7b715
ce08d2573e3193b1cf1ec576bdcb9cc5c01efb18
066fba09681917ca5d2df75ef149c9cb8b7f3e71fd8cb2dbc63f6267af1946ea
GET /sl/html/032107/img/top_panel.png HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/html/032107/css/css.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: image/png
content-length: 1231
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Sat, 21 Jan 2023 22:26:52 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 8600
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yALzoXyXhX57eegcIaDrECVvtspYUGrmFhPWxVEeoh%2FPf4xGqdUNaBlXWEnBmUul8NO32waRPQF8FsA8ltBuwQiLtNndkYn%2FQQv5rdtexUtNrYM901rzp5%2BVAUk4Hhl7KDIa4e4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78cc0dee29b9b517-OSL
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/common-langs.js
104.26.13.87 200 OK 9.1 kB URL HTTP/2 mycasualhookups.com/sl/common/js/common-langs.js
IP 104.26.13.87:0
File type Unicode text, UTF-8 text, with very long lines (12768)
Hash 809eb48b5896cb34c8e053459db34687
da2a3276e7ed807c0db506f4700cfb6dfa2b9f20
430f897270c504950bc3f0025a1a463bf366525f40d15a6088682092c7b8d002
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Sat, 21 Jan 2023 03:26:06 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfARMeE0tjvA%2FlMPLsT3KtmOiNDBOVXm4CeESyzUd9ZdIYPlvDljsKmEtGlVLQ6eyUlx3M8olVp%2Fs2Pqhbz42ic6A%2B%2Fsx2Yzez6O4Jy%2FNSL3eMSEzMLgWkGaqjY1r%2FlkZ9CJxnk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dea7ed5b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/js/config.js
104.26.13.87 200 OK 188 B URL HTTP/2 mycasualhookups.com/sl/html/032107/js/config.js
IP 104.26.13.87:0
File type ASCII text, with very long lines (332)
Hash 298c230a596f6b51b5f8a319f415a743
e1fd90391e96c07fc52deefba5d6543fffe15eb1
5477da8f788bb3f959391f7c8d31c23bbd82347c48730b5026d1cb8f2eeae27b
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Sat, 21 Jan 2023 22:26:51 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:19:29 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 8601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mPeixELAraqCYb7hh3c8eR5cktM3EHC1U1%2FaZHop475j1OfjBpeym3IZYJKAep4RoDH45oDpPKir4mmkQthFSgnbBP6ISOH5XOn0yJ%2B5AQUO3EUAdfKZnAfyjXA1lUHK%2BQ3diI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dea7ed4b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/videos/video1.webm
104.26.13.87 206 Partial Content 1.8 MB URL HTTP/2 mycasualhookups.com/sl/html/032107/videos/video1.webm
IP 104.26.13.87:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 1.8 MB (1787154 bytes)
Hash 275783ec04582836653aefff2ea6644c
c33c6cc9494ea3789cdfc22b925916164aee4253
cd69ec1ee91bec9876983cd47b3381838aaee8be56ef467400d55bf1f5f758fd
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/videos/video1.webm HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://mycasualhookups.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: video/webm
content-length: 1787154
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Sat, 21 Jan 2023 08:35:55 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 58457
content-range: bytes 0-1787153/1787154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tePP9d0b7pbMbzy2SbVmKjaF3%2B1rwHv0L%2FVhijmqb%2B2DO9ztlFFR%2BBlTyBNOoHibIvGKdswDR7%2FPZuIK%2Bmr83zBnbp4nVoEakIBx%2Bi0kXcy1j4sjZ5xC7wuPIEN%2FPqj8rxpLXc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dee59d9b517-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 00:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 00:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
172.64.163.28 200 OK 5 B URL HTTP/2 subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP 172.64.163.28:0
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/032107/n.php?cep=lJy7BMwxcccJ7ZYdUDoqQyS6-jX8GAHMhlasAkT2cDLuTpM5CN2HSQh-ed6yxYt9QYB6pyWPUMYUy0KfVxfYrGRpCjDpNra5KzMWG5JFfzCPPQQ5GJ4a-dwd5SogAXUXWQh0vZ5kznghf4BxUDfpK-1djUCxXMrpoEPfrGjuBwu3q_Gr-K0nDcxRpuKpASmFgpv4fW_p9h9nF-SIk0UuJ_QrBlJ60jqXmMNjObq7ugkAaKcf23MSKU11GGzn2JXlffCCvDw4yqZweualrQMfTWWFDpIH5Jqpc1S6X6eGQWDUadL4CfVp1nvPT6TfsQoZnt-KpkmZ7Yz75oxTFYUPysWG-ZWtV1udKa3iFtt_PHkA8Y5r-HotJ5lR4jvJFsd41I-hF2W-fJFfsQw4em4IkLVw93Cf0dUwZLtdI6j6kNw&lptoken=16d874582694407c11ee&external_id=36197-742109848&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fpnlWqV5%2BzuOS7mXGomiNvmbW2LZFaVVYfUPkBOrGc3IxfmQEEaF4ReonNnJrJ8Oo1qgblcE0fUJJr3slXLCcv43Xu%2FI5m2QdPp5UtRCmh0SNU21ADMM9Z9%2BvtUbg0aRVL6cJmEwTgO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dee4dae731e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 18:52:41 GMT
expires: Tue, 16 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 367052
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 00:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa44k73&sub1=38577&sub2=156696&sub3=frd
104.21.81.229 302 Found 0 B URL HTTP/2 hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa44k73&sub1=38577&sub2=156696&sub3=frd
IP 104.21.81.229:0
GET /btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa44k73&sub1=38577&sub2=156696&sub3=frd HTTP/1.1
Host: hotloveland.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 21 Jan 2023 00:50:10 GMT
content-type: text/html; charset=UTF-8
location: https://m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa44k74&sub2=34496&sub3=21&sub4=s8hnpa44k73&sub5=38577&sub6=156696&sub7=frd&sub8=
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa44k74;Expires=Tuesday, 21-Feb-2023 00:50:10 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2NzQyNjIyMTB9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjc0MjYyMjEwfSxcInRpbWVcIjoxNjc0MjYyMjEwfSJ9.Fku9xlmGH9Z6ftlkoSXajbmqYG0kZGvIIY5jaNzgtqU;Expires=Tuesday, 11-Feb-2076 01:40:20 GMT;Max-Age=1674348610;Path=/
_token=uuid_s8hnpa44k74_s8hnpa44k7463cb36c217f8d9.57204455;Expires=Tuesday, 21-Feb-2023 00:50:10 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HB0Jfy30vZaPvOwALSknn5JWuzo33tItBUR8orlkySkObC8mq41oID9M6n8Jo1kQcELmVQXfeqcJ%2FKADPEEb4AZGMOhaRFngM4Oo%2FutH0TJYNYziKpjGgjYjqhE4ZSEyoU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0ddcaf4ab50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/favicon.ico
104.26.13.87 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/favicon.ico
IP 104.26.13.87:0
GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:13 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 9907691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsbiOYVmkQPuxMDWZja%2FHtzR3gjhHEyJmAYa1Q60hqTGTs3X7wFrtxrTZPWV0Y4LAVDKGMrnUAWnx4ieP9g5zvoMcIsb415qsjNOPf05LEL1SwL%2Ffxj6qI9%2BD2SuW4TO%2FNZj%2F%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78cc0defbadfb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/js/jquery.min.js
104.26.13.87 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/032107/js/jquery.min.js
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/jquery.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Sat, 21 Jan 2023 08:35:54 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 58457
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qzvdzbnyStyMPMyT0BnKhgOXDKjpwJOxXjF08xsa5n2fYxOgfB99%2BIJ17nmsan4hJ4t%2FIFKWaL8sNGmt2Uz3SKW8HwCih3oFiXunA3kXABL0dN5DcsqNMHv8qhxkVo%2Blgng34g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dea6ec7b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-dt.fcdn.info/swpush.min.js
104.21.234.86 200 OK 0 B URL HTTP/2 cdn-dt.fcdn.info/swpush.min.js
IP 104.21.234.86:0
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 222577
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rvKryrzYOJqEtudtJRpMx%2BH1OjJ%2FPH8jALu03r%2BO3N%2Fo7lA3q3qInVq7o6Z5qLp2ral0joE3Bi%2BkeODrZbd7ARUbouzcCsv5nj9F7LTaYFDM551aF62bPLFwAyILCRQpfy9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78cc0deb1a028862-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/js/main.js
104.26.13.87 404 Not Found 0 B URL HTTP/2 mycasualhookups.com/sl/html/032107/js/main.js
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/main.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=7200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8pH0upGl3bePikH9W81vA5ZEXrReS8aIkZXGtO4N46nBt1%2B5%2B8rgiqoKKj0o5wWyEvoFnYMJrFoi79lj4AwMz9MvO9MsZTrmk7UcfB7TXhRSORCa5a043YpB%2Fso%2FA7iRyEs6O8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78cc0dea6ec9b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
alia-iso.com/zcvisitor/8ce3ea68-9925-11ed-8e19-12c7f018e9bf/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
35.172.34.123 200 OK 0 B URL HTTP/2 alia-iso.com/zcvisitor/8ce3ea68-9925-11ed-8e19-12c7f018e9bf/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
IP 35.172.34.123:0
GET /zcvisitor/8ce3ea68-9925-11ed-8e19-12c7f018e9bf/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51 HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://damefans.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:08 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: evjcJsrT
X-Firefox-Spdy: h2
alia-iso.com/zcredirect?visitid=8ce3ea68-9925-11ed-8e19-12c7f018e9bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
35.172.34.123 200 OK 0 B URL HTTP/2 alia-iso.com/zcredirect?visitid=8ce3ea68-9925-11ed-8e19-12c7f018e9bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 35.172.34.123:0
GET /zcredirect?visitid=8ce3ea68-9925-11ed-8e19-12c7f018e9bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcvisitor/8ce3ea68-9925-11ed-8e19-12c7f018e9bf/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:09 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: kTLzhlRS
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/css/style.css
104.26.13.87 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/032107/css/style.css
IP 104.26.13.87:0
GET /sl/html/032107/css/style.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=4300
expires: Sat, 21 Jan 2023 08:35:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 58458
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa9fdIkwwEazF2kBBtighYZ6MD3QKOiQTSxWfVM9dA8%2Bl0dho9FpFdqI7RDSITLtzTFaO3YXU%2FwIV3hYUINFeflBcYleATcVhrke3Woyqk8dhTrAvKwQQzDmxSYdL1C2BI3Gm1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dea5ec5b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/css/css.css
104.26.13.87 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/032107/css/css.css
IP 104.26.13.87:0
GET /sl/html/032107/css/css.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=9103
expires: Sat, 21 Jan 2023 22:26:51 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 8601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZOG8Hu7SrRlGP7u6k2bCIu47IpTdaXE3GOrrs8vcvyWhgtwHijJ%2B57E1nclsrf2Ix7IHLZIpAtQBU%2Bo2kdnsIoZH2duR%2Bv2EJDskb9cvuMRV1dDKFAs4iDRG5GAG1Wsvh1xhXM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dea6ec6b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/js/langs.js
104.26.13.87 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/032107/js/langs.js
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=7419
expires: Sat, 21 Jan 2023 22:26:51 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 8601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONt4sW1GPh%2BcBwlcDSzF2NnA%2Bpa01UtY4uUPU%2BkfIT3rYcddmv0dx83uIDwpIHcFkWUPqbGRcyo22OtvV7nRt282vGKk8rn2Gt%2BGmG5BNaJbKR9UEX%2FrDjMa6NZZGRp0Ikyl1KE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dea7ed3b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnjam.com/cdn/sdialog.min.css?_=4
188.114.97.1 200 OK 0 B URL HTTP/2 cdnjam.com/cdn/sdialog.min.css?_=4
IP 188.114.97.1:0
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:14 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5544
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Fi%2FojoMqJ3mKau7LqtV%2F%2BljHXcbWXnPTD4hOpIHdvnDB33MDxsqL%2BjJ30u5t5YdOzZMdvNZJByF1RS21uBYwagORzn9IXnBfnyHpQT1SpTFLMjZmdbsO%2BDJ%2BCko"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0df6c9f0b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/css/style.css?1674262212
104.26.13.87 200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/css/style.css?1674262212
IP 104.26.13.87:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/css/style.css?1674262212 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 00:50:12 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 22 Jan 2023 00:50:12 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkpf0RomtoEb53c6TX8UxGTmtnS3TgCsN0GXiB9D%2B%2FRsakgxrU4Uj3exbROfZ9nE55iBD7lqxKe30i0vc0SMehtrRud1tajx40XWLYA6FyFhNCTFejzN8Lsx9O5IPc9i7fLuWzc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78cc0dea6ecab517-OSL
content-encoding: br
X-Firefox-Spdy: h2