r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3132
Expires: Mon, 30 Jan 2023 07:23:56 GMT
Date: Mon, 30 Jan 2023 06:31:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3720
Expires: Mon, 30 Jan 2023 07:33:44 GMT
Date: Mon, 30 Jan 2023 06:31:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6175
Expires: Mon, 30 Jan 2023 08:14:39 GMT
Date: Mon, 30 Jan 2023 06:31:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 05:35:41 GMT
content-type: application/json
age: 3363
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HNpsvxkQ8ksB7KhNDoHc73+vv3HK/bxyfIJPrwlnZF0ripK7AvTeGHKub35qCApYJUNKpTb+txgHp3JOYjkViQ==
x-amz-request-id: H1KC3S9W61P4SCQG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 06:21:41 GMT
age: 603
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:31:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 05:49:04 GMT
age: 2560
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
6e5.hp1001.com/html/4_18.html
72.52.179.174200 OK 2.3 kB URL HTTP/1.1 6e5.hp1001.com/html/4_18.html
IP 72.52.179.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (626)
Hash db9898f6452c37d9c1ff39f63bd73cf5
0e6ef6f636b6afd8589f51454dacdaa51102fbbf
9a43215ef87038ac17d6cf954d6c4997ceaa44858dbd08a28af0e372684cef8d
GET /html/4_18.html HTTP/1.1
Host: 6e5.hp1001.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Jan 2023 06:31:44 GMT
Transfer-Encoding: chunked
Connection: Keep-Alive
X-Powered-By: PHP/5.4.16
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17340
Expires: Mon, 30 Jan 2023 11:20:45 GMT
Date: Mon, 30 Jan 2023 06:31:45 GMT
Connection: keep-alive
6e5.hp1001.com/page/bouncy.php?&bpae=GbhGdK0GfU17j3OEdQS5VBQj7vZ7Z%2Fcu1jcFBpKrxUFulWX7wD07xrkgiXwXLxR3txZ87B%2Bn0aRMkb%2BhredC5zpmZ3BVv%2FlYsxfxblLNIP1kz9QXInUQ0kE6su7xBnkGKFzb%2BFkWuR8gS%2BxBdc9OPpN%2BBTkKoAFBv3k97bPojgtjQuoAfPnJNetu%2FxwTorSm0xJrEs%2FixR0O%2Fh3%2B8GUzAOKHMTKVwf8%2FUWK5VPdyCTVms0IWNia4KIQAjm0dtFJrvQA8ZyTKiLwhdJ%2BJUnXv2Gt1nkbiK33tak%2FY53OGGbufnHTj8J9FKsk2OE6hdP00SiI5l5EUIXtQgizZoNRZTsFtt9s0PdSMx16jFpMBpBS%2FEp7BPSb8wSWWeK%2FEZOskCax2OMGGl6rzy6ORjM2NZmeAICOCGhp41A3WKuW57F5AJihh013LFrUXfazbVh7cFCqVBi2IemDPNGJXrPrVf5SI1GE14FsL7rZMwRSU24VVhIQZGWkg79CS&redirectType=js&inIframe=false&inPopUp=false
72.52.179.174200 OK 982 B URL HTTP/1.1 6e5.hp1001.com/page/bouncy.php?&bpae=GbhGdK0GfU17j3OEdQS5VBQj7vZ7Z%2Fcu1jcFBpKrxUFulWX7wD07xrkgiXwXLxR3txZ87B%2Bn0aRMkb%2BhredC5zpmZ3BVv%2FlYsxfxblLNIP1kz9QXInUQ0kE6su7xBnkGKFzb%2BFkWuR8gS%2BxBdc9OPpN%2BBTkKoAFBv3k97bPojgtjQuoAfPnJNetu%2FxwTorSm0xJrEs%2FixR0O%2Fh3%2B8GUzAOKHMTKVwf8%2FUWK5VPdyCTVms0IWNia4KIQAjm0dtFJrvQA8ZyTKiLwhdJ%2BJUnXv2Gt1nkbiK33tak%2FY53OGGbufnHTj8J9FKsk2OE6hdP00SiI5l5EUIXtQgizZoNRZTsFtt9s0PdSMx16jFpMBpBS%2FEp7BPSb8wSWWeK%2FEZOskCax2OMGGl6rzy6ORjM2NZmeAICOCGhp41A3WKuW57F5AJihh013LFrUXfazbVh7cFCqVBi2IemDPNGJXrPrVf5SI1GE14FsL7rZMwRSU24VVhIQZGWkg79CS&redirectType=js&inIframe=false&inPopUp=false
IP 72.52.179.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 957ecb443a57db750b2c2819c711c30c
4a83f3315b619431c014f9b1e2c927e7b8e38d14
c5e6f5b870d062d984e6ec95074f524bb0cf549b0bc7957c51355a0f22a76a38
GET /page/bouncy.php?&bpae=GbhGdK0GfU17j3OEdQS5VBQj7vZ7Z%2Fcu1jcFBpKrxUFulWX7wD07xrkgiXwXLxR3txZ87B%2Bn0aRMkb%2BhredC5zpmZ3BVv%2FlYsxfxblLNIP1kz9QXInUQ0kE6su7xBnkGKFzb%2BFkWuR8gS%2BxBdc9OPpN%2BBTkKoAFBv3k97bPojgtjQuoAfPnJNetu%2FxwTorSm0xJrEs%2FixR0O%2Fh3%2B8GUzAOKHMTKVwf8%2FUWK5VPdyCTVms0IWNia4KIQAjm0dtFJrvQA8ZyTKiLwhdJ%2BJUnXv2Gt1nkbiK33tak%2FY53OGGbufnHTj8J9FKsk2OE6hdP00SiI5l5EUIXtQgizZoNRZTsFtt9s0PdSMx16jFpMBpBS%2FEp7BPSb8wSWWeK%2FEZOskCax2OMGGl6rzy6ORjM2NZmeAICOCGhp41A3WKuW57F5AJihh013LFrUXfazbVh7cFCqVBi2IemDPNGJXrPrVf5SI1GE14FsL7rZMwRSU24VVhIQZGWkg79CS&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: 6e5.hp1001.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://6e5.hp1001.com/html/4_18.html
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 06:31:45 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
54.148.87.114101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.87.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: s0bH3Nt1kPMFSZAJopKkJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RC47rmmgoFJM627o1/jo/PkgrSM=
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 772b899bc9b15c8103b07f46a63105c3
ff3a5c473f0e49a3903af662bfe8475061c010ac
a62a9bd073cadd238bede1c3ccdf61703389d9c24b1148c165af3e4bd237fe7a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151234
Date: Mon, 30 Jan 2023 06:31:45 GMT
Etag: "63d6f7d2-1d7"
Expires: Wed, 01 Feb 2023 00:32:19 GMT
Last-Modified: Sun, 29 Jan 2023 22:48:50 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Bfe_7Vx34yQq0UmOD0euM7i-ZkEKNT8krm5joMgZKkBfOW2JRMmPuw==
Age: 6209
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dw0qnnoc4ui5ecu8mi0t7ha4q&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=c3ac2d70-a067-11ed-b4ee-1276e2d1a233&cid=w0qnnoc4ui5ecu8mi0t7ha4q&rt=R
18.197.36.77302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dw0qnnoc4ui5ecu8mi0t7ha4q&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=c3ac2d70-a067-11ed-b4ee-1276e2d1a233&cid=w0qnnoc4ui5ecu8mi0t7ha4q&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dw0qnnoc4ui5ecu8mi0t7ha4q&caid=84d6f7b4-ce89-455b-bad1-740ad02889f8&zpid=c3ac2d70-a067-11ed-b4ee-1276e2d1a233&cid=w0qnnoc4ui5ecu8mi0t7ha4q&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 06:31:46 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w0qnnoc4ui5ecu8mi0t7ha4q
pragma: no-cache
set-cookie: cc-v4=Z73rfkZs8rYQxiVuz4ZJ9tlbWeiPYFp7ARHEmX9SBK5LTWIF1lBYIB%2BO217LH78lDnDWP%2FmuFcKjA4R9odRdccGkUgTU2Di292ipoAYTkmCqadKD9w0nlB2s7H1rrhUKFf0GW8XRnQst20V7zPtc0g%3D%3D; Max-Age=31536000; Expires=Tue, 30-Jan-2024 06:31:46 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
alia-iso.com/favicon.ico
52.7.54.238404 Not Found 653 B IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcredirect?visitid=c3ac2d70-a067-11ed-b4ee-1276e2d1a233&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 30 Jan 2023 06:31:46 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: gOzQoVEG
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
IP 142.250.74.131:0
Hash f3c6eb0e964486e9ca404c4321840ac7
0c6377d7811fcdd0c209b6177a6af239d8145d9c
bf72a1c9a0a21d2563817be5cea2cfd82ba99a11fb9fa7ac7fe3068e17b1e44a
POST /s/gts1p5/1qjPNXlPzIY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:31:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13362
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 06:31:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13362
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 06:31:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13362
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 06:31:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13362
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 06:31:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 31177
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 35129
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 546f1cb9f94ea553ae884a6f50c6bd3d
fd08d9841bcd8864aaf2e5d93ca61b31246b6db5
5aba48ac6c65e371c6c1aeee43f97670f196d3a3933b9f5812a67be90b7dbdfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5764
x-amzn-requestid: 33ebf979-ba40-451e-bbdb-3ee4a9dc07ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhksyGRVoAMF5UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7eb-55fcbb4d6d88dbf758409801;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X3lzViVGoynSgoeenp6EIU2E3FMSRlKNGOy73pIOAASV11hOk2B4UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:27 GMT
age: 30019
etag: "fd08d9841bcd8864aaf2e5d93ca61b31246b6db5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 435598df0723ba8070784ee6a8d6de8b
0dab67801b42d738a5074ec3f0489f04c5e6552c
05339073fff5fe4213a38505242c577f579aba68d5c249e8bac10b03d379a2dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10616
x-amzn-requestid: 809aadb4-f948-41a5-82bc-84a520a5689a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEZIIAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-2c659eae4d513b433aa749e3;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pzTV9rIn345DR4kpnePsLi7muCptJ5Ivrs25Yanl_z6A5nsxaiXyNw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 31177
etag: "0dab67801b42d738a5074ec3f0489f04c5e6552c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d200552d23c85c199558b79cc24348f
8cc20b9ce98eeacd5b826268da24955a82e78a01
09b05ae6f75b5141401ddc49014e0eb2eac0856ba3b5020bc85f4a9a64d3d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 9f944a46-7e39-44c3-a640-3c7e9b778bca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkoEEkJIAMFs0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7cd-4b29196f5bd1b2fb04e6363f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jdh2u-xrCjqq1SKWL7hCTqrlGRjbytuxecJS-cwiXb5FQypGKYbFzg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:35 GMT
age: 30971
etag: "8cc20b9ce98eeacd5b826268da24955a82e78a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8901f99d8e3001e442c887f89e2e650
a61875fcee6c09087462f0443286482d903725bc
d3a69a5bce1852c464755452d7f5a88f0d20fbed14b9f16ac6f539d4d1bfdb21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5960
x-amzn-requestid: 313f5526-984b-4224-b321-732fe5ae5a7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkl0HimoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-430032d00080eff464e4d574;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TiZDGG_JsgbKWvLfQn_uioEKmxzYKKV8cT9wJ2PntoNPb4r1a2YKtg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:33 GMT
age: 30973
etag: "a61875fcee6c09087462f0443286482d903725bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa7gqru&sub2=34496&sub3=21&sub4=s8hnpa7gqrt&sub5=38577&sub6=156696&sub7=frd&sub8=
104.21.11.83302 Found 0 B URL HTTP/2 m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa7gqru&sub2=34496&sub3=21&sub4=s8hnpa7gqrt&sub5=38577&sub6=156696&sub7=frd&sub8=
IP 104.21.11.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=34496&offer_id=5246&sub1=s8hnpa7gqru&sub2=34496&sub3=21&sub4=s8hnpa7gqrt&sub5=38577&sub6=156696&sub7=frd&sub8= HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 06:31:46 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d764529551f500013f1d85&s4=34496
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63d764529551f500013f1d85; expires=Tue, 30 Jan 2024 06:31:46 GMT; secure; SameSite=None
afoffers={"5246":1675060306}; expires=Tue, 30 Jan 2024 06:31:46 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdgz64gozKD2w88URcE3QXRqArNobdCEPExROnT3hkr3qYTVop8LAQHRIup4BUdsWP%2BBfr8zwxnvXREkqIPJLki1CoIRVN4rm4pPtgAAV8qTTlYJmpZ81Ib507qeS07S7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182aa54828b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
IP 142.250.74.131:0
Hash f3c6eb0e964486e9ca404c4321840ac7
0c6377d7811fcdd0c209b6177a6af239d8145d9c
bf72a1c9a0a21d2563817be5cea2cfd82ba99a11fb9fa7ac7fe3068e17b1e44a
POST /s/gts1p5/1qjPNXlPzIY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:31:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 2c8650d01910ca9715fde05ee6726966
15a218bb3643f76e3adba9192de2f3e5c910419e
7ad39b856a62c1afefdf3b331658cfb1e5dc632a4a8fd26f935440673de4daa5
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 06:31:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 03 Feb 2023 06:11:23 GMT
ETag: "15a218bb3643f76e3adba9192de2f3e5c910419e"
Last-Modified: Mon, 30 Jan 2023 06:11:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79182aa67b29fac0-OSL
meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d764529551f500013f1d85&s4=34496
52.51.210.211302 Found 270 B URL HTTP/1.1 meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d764529551f500013f1d85&s4=34496
IP 52.51.210.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 46995a1201154df0124b1f84ed5629cb
d51376a173791663d8b4432b71cef5f7b8d2c535
250d2627cdd5904ba5d5da91d247697e1ad23dce49c3a3ecf09002a1f7e3304d
GET /?a=16295&c=43694&p=r&s1=&s2=a_63d764529551f500013f1d85&s4=34496 HTTP/1.1
Host: meshho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 270
Content-Type: text/html; charset=utf-8
Date: Mon, 30 Jan 2023 06:31:47 GMT
Location: https://toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d764529551f500013f1d85&s4=34496&ckmguid=1dbdd38a-bc13-42ac-a319-d7a9dc6f5c0f
Connection: close
ocsp.globalsign.com/alphasslcasha256g4
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.21.226:0
Hash e9bb5f1e9b52819278cd758742ce3494
337974eb7fa57f1447f9f3df51cab87fbb716297
1694bd43d0785a2bcb4fbdf1278efb6eb58e8f787672e9b9433322bfca4794c8
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 06:31:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Fri, 03 Feb 2023 04:10:38 GMT
ETag: "337974eb7fa57f1447f9f3df51cab87fbb716297"
Last-Modified: Mon, 30 Jan 2023 04:10:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79182aaade50b51b-OSL
toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d764529551f500013f1d85&s4=34496&ckmguid=1dbdd38a-bc13-42ac-a319-d7a9dc6f5c0f
52.19.202.187302 Found 234 B URL HTTP/1.1 toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d764529551f500013f1d85&s4=34496&ckmguid=1dbdd38a-bc13-42ac-a319-d7a9dc6f5c0f
IP 52.19.202.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3fa3273a1e4874b91c549a5224c6b12e
67ab04d9b85dffcb1afbe87cf54f276ca8e5d220
8b58cd97ca8ae8d9802a38abb378e6c169fa1c9d5ea4d96ea75ee476e4279014
GET /?a=16295&c=43694&p=r&s1=&s2=a_63d764529551f500013f1d85&s4=34496&ckmguid=1dbdd38a-bc13-42ac-a319-d7a9dc6f5c0f HTTP/1.1
Host: toomoffr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Mon, 30 Jan 2023 06:31:48 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742739971&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=TmZN0R+LR3xLAGqEhA87dT26/SpNvr/ch0O322tHxqsTkZgoI6QDlw==; domain=.toomoffr.com; path=/; HttpOnly
trk=h9cyHJ7GVb1KyROt4EP/3z26/SpNvr/ch0O322tHxqsTkZgoI6QDlw==; domain=.toomoffr.com; expires=Thu, 30-Jan-2025 06:31:55 GMT; path=/; HttpOnly
c36197=TmZN0R+LR3w6ac+g6HyppRRz71wM7xFEqd9s8LRbbvpeCUghiDE1Zg==; domain=.toomoffr.com; expires=Wed, 01-Mar-2023 06:31:55 GMT; path=/; HttpOnly
Connection: close
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742739971&source=16295&sum=
18.193.146.82302 Found 0 B URL HTTP/2 bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742739971&source=16295&sum=
IP 18.193.146.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742739971&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 06:31:48 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/DE10/n.php?cep=Ae8fqvcdGgf_McvU99xjL-SyBPhjWo4b23ebBznZqj9qt2KvDvNkjlCpLaWva02AhC8CZbIF9sRhDdwv_YhVHCaI5OyGjnEMxj7p4T-pgXDTIjKs-IvLNFCWfmerBB7ttJzUzbuv38twK7ig6wUsb4txYPD8GlygY8YwMJrWXl0rdgoI_5Mu7lD3fiLmSzGZLdIsNjx9qb5C-2U0i9q4cx6BoiK0iIfnx7uHwz3zi1X8hNhTh8ozC3GUWCdH2vkLMu0q1go-3jpEWFurDQ_QsU4CCIWNP6lPVfRJbUS8Yc3troe0ZbqfBPu_fOIKzWUyWLlxWjKZk8bRm0QmYWU-U-v2ULDPQU-CssgUae-Al1jQ242Acxu9_2FA89Urfq4L1obs7Y5T22OnVOCM_7DS2Mm4pDhtsaicZkDnqTdi18U&lptoken=16d175df06d421100899&external_id=36197-742739971&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=DxPuZ26QdosuziL-mT_qmxTldmfDbhekiPqTvw4hLs0; Max-Age=86400; Expires=Tue, 31-Jan-2023 06:31:48 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=7dzQ8SuVtkg3Cv_-J4ybu6TC9FVyavijj6WloBIuTsMCQjh3QyhUuWRPUCheoZCRRBBi-LtV-HmwsXrFnojpTNcum96xbmH92p-_4kz1YFL-m9BpsCTlL4cA3qEXqUo4XsICAgQRhxMJL3Q4eXefhGwHsNWfSNpVFNb6k0vjZhfU2_5aYv5odmTKcFiWM--xWseJTHtfhFtfQcJGG6qUabsjsMQwrJkFctRQpsQDx-jT-claVl3jtdnYu7mcxkGg7WcwFE2X2O1SBFiBkAdiNd5wDeulUOHEMIYCk5vA88pKseoxEQwbmtj42rMi9gE69n3lEbdKWiDumsmbSW-IRqsvxR7m-N13-CeoqwhxrrDZjMgWOYyCaHwHoPZ2YMMmV1rfR27SZ4mIjlhXujTtar_gosvjqF3-7XDNtQxJGXU; Max-Age=86400; Expires=Tue, 31-Jan-2023 06:31:48 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/QsXoNUJjkNc
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QsXoNUJjkNc
IP 142.250.74.131:0
Hash adfc2cc6add1d4c15131e343ee899077
42969e20cf9343e0072ce16fa6895e9c810d3fb6
257006927925883a0f188f332146ff65a05cc917330d648f3ca58a52fc684fac
POST /s/gts1p5/QsXoNUJjkNc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:31:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mycasualhookups.com/sl/html/DE10/images/01.jpg
172.67.71.67200 OK 63 kB URL HTTP/2 mycasualhookups.com/sl/html/DE10/images/01.jpg
IP 172.67.71.67:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x736, components 3\012- data
Hash 3a850bc7c7440247f8464289ab4c282c
3347973cd9aa7a79cf9c87ea147a586a0da7fa9a
d62defeba698e9f156e1f6f777d28ff475a8abf37c9dc632005fda06cba77fc1
GET /sl/html/DE10/images/01.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: image/jpeg
content-length: 63047
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 30 Jan 2023 21:18:10 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 33219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ur5pe3a63CfdU7xmhlfGMr2Xs%2Bgpn9MXJm1uuoFu8FWsGcG4wo%2BCfi7fWzyRgg8XcQRdSAdQAtOF1LWBIU8nHix%2Bbida%2F%2Bxb5m4C9bnssfuupZ0Sb4hLYYyQxGxVd3ltEBUcask%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79182ab42d96b4e8-OSL
X-Firefox-Spdy: h2
winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w0qnnoc4ui5ecu8mi0t7ha4q
104.21.76.186302 Found 47 kB URL HTTP/2 winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w0qnnoc4ui5ecu8mi0t7ha4q
IP 104.21.76.186:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x393, components 3\012- data
Hash 522d1fb81bd75e2160ce5fa2e05bcb80
bea0851dea66e6897cf9681055e34d4149d1f0fe
8305ef4314706cf7468a4d6230039a86c0120e284bd866f4c6b5cdf99d20206d
GET /Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w0qnnoc4ui5ecu8mi0t7ha4q HTTP/1.1
Host: winandlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 06:31:46 GMT
content-type: text/html; charset=UTF-8
location: https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa7gqrt&sub1=38577&sub2=156696&sub3=frd
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa7gqrt;Expires=Thursday, 02-Mar-2023 06:31:46 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQwODI5NFwiOjE2NzUwNjAzMDYsXCIzMFwiOjE2NzUwNjAzMDZ9LFwiY2FtcGFpZ25zXCI6e1wiMTU2Njk2XCI6MTY3NTA2MDMwNixcIjFcIjoxNjc1MDYwMzA2fSxcInRpbWVcIjoxNjc1MDYwMzA2fSJ9.aqy0RHPjyAYF-NIaYSFcPV9tHTkUhoSYwWA2AwxwzhM;Expires=Saturday, 29-Feb-2076 13:03:32 GMT;Max-Age=1675146706;Path=/
_token=uuid_s8hnpa7gqrt_s8hnpa7gqrt63d76452300c50.99632827;Expires=Thursday, 02-Mar-2023 06:31:46 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCcsnXugDz1IKrwva91oizWr14vgTcMfU%2F1VypSt167tvHwHRywxptk2uGZLAGZeT61f%2BMWFzyUmfGDQyyWQaccnG7Bqb%2B2ir%2F0gS63bxqZxDTVsRtk2DYw6JOBKH3z8LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182aa10f661c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/DE10/images/05.gif
172.67.71.67200 OK 295 kB URL HTTP/2 mycasualhookups.com/sl/html/DE10/images/05.gif
IP 172.67.71.67:0
File type GIF image data, version 89a, 250 x 176\012- data
Size 295 kB (295330 bytes)
Hash a5d1782e371584dd39fc60be2654dc5e
3347cabe8d40b0b93dff953291e0452c0d81a6e0
7c19aaec94ee7eceeea4171c58384347af75fe5b01374e548c49d9d498b83fea
GET /sl/html/DE10/images/05.gif HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: image/gif
content-length: 295330
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 30 Jan 2023 21:18:10 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 33219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HiG94xP5T2Q6zqyO%2BibLkfpZ4OmSi4nLpAdmU7gWyVE213EBtfhzCYUfuoHpFJZor16BovcCYVekTOqx9wO2YnS5UMWoQk5LOL1ISPLhPhQQw3Vr5r8jqhHoncgynTD0h4mE7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79182ab42d9cb4e8-OSL
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/DE10/images/02.jpg
172.67.71.67200 OK 72 kB URL HTTP/2 mycasualhookups.com/sl/html/DE10/images/02.jpg
IP 172.67.71.67:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x670, components 3\012- data
Hash 5a8b9b0560b1efd78ffc4b0a4b26d5dd
02c37f09435dd0df94fc9e291701cea61de47acd
69b803896c47dd6f767ec4475e28005b7a72b0273947a794391d857a93885a52
GET /sl/html/DE10/images/02.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: image/jpeg
content-length: 72269
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 30 Jan 2023 21:18:10 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 33219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkQL3QhH%2FaNnCwPwATJO2Oiq0TF5lO%2FbP08bk%2BtMrf3lcGaiE7F6vHxp4GNj2fauItddz4ki9uTInQji5U69%2BrjXWgBZw17A0izVXHICWKHfqv0SxhVFmHHApFG6F7ZUal9SfJ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79182ab42d97b4e8-OSL
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
172.67.71.67200 OK 32 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
IP 172.67.71.67:0
File type ASCII text, with very long lines (65451)
Hash 7ee1fd3c79808ecd33e4570d0cf39927
1ccd2d102f8092f50dc0d1b40edc94b56fe02a0f
db4893d55dd6a1f48f3f0a67fdafe6b79dec1cf917531301895bef2ff0abcaa3
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 30 Jan 2023 06:53:56 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 85073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeju5HI2uxaios3fLmjZz31euc9uI0729%2FmjpLUOd4XkWezomPP%2FT39heWDNyjn1sV6z%2Fqoa248w2KlQO2ZDGJl1FIc6HEcxB8x2Gz94HDHLbNWgKv81I82hB4jk41kQfF0SuAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab41d8ab4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-dt.fcdn.info/swpush.min.js
104.21.234.86200 OK 12 kB URL HTTP/2 cdn-dt.fcdn.info/swpush.min.js
IP 104.21.234.86:0
File type ASCII text, with very long lines (34449)
Hash def532e5e1f0302203e4db43ffe3867d
850a7c82673ac49e5e21bb7b65ab37c8b40b511d
4a6db4ab7a3851e0e9ea8a6d9fa7d886ed50b37ea79891e1245864adc0053314
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 379516
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuioV3hwdIvc2SXU2Ob%2BZYn3mEcktYCFrYiDmVVxFpUR7W76XjVHz2j5TktkJ%2BPTgm%2FrSFALo8t%2FQFUl6RUMhRQy6uV1AD8pp9xNdlNNUKVUOD%2BVk561k2a%2B00Te%2B1rP3BP4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79182ab4eab7dd87-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP 142.250.74.131:0
Hash f98c01e8b2f68b1458c37243693f8624
17c569a1155c74c1937ddaf8bf628e95216bebf6
099cbadf59a8255956f0c3f9a185a5726ef18400313457fbf005bf6a754d939f
POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:31:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mycasualhookups.com/sl/html/DE10/css/main.css
172.67.71.67200 OK 1.2 kB URL HTTP/2 mycasualhookups.com/sl/html/DE10/css/main.css
IP 172.67.71.67:0
File type ASCII text, with very long lines (2033), with no line terminators
Hash c080d55fd14153158d728292f7630332
18ebfeb65b8ee74c4b0a009ed62d0cf4096be40d
61bb65a083c5c0e6f137d6a74f041292e58890d1592066d0c52d1c9983d6ab9c
GET /sl/html/DE10/css/main.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=2611
expires: Mon, 30 Jan 2023 17:50:15 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 45693
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt2VWUuSAsA2aSsWz5W3IAXr4ym%2FBIvLoHbsAGDdA8lyB9kmUCpGPHt6KcMEgDKdOL02SilEHWAyLimM3L3ns0udbmM4l0ae4NMuWTE2nRBZwIsXPcHGNeR2oIztl8spp02Fukc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab41d82b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
172.67.71.67200 OK 7.8 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP 172.67.71.67:0
File type Unicode text, UTF-8 text, with very long lines (23122)
Hash acdc53f58bd1703e5761535528fec208
42b2cf70c61f8cfcbc929dd302ad5130b3f1e859
6d7a77671ea2f22cacd488483bc7a2c08fbc2d897f8b45b7412789f7a1e22cdc
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 30 Jan 2023 06:53:56 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 85073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7SJH6GbG4KlPFYr5U7jIu6Xso5suBLmfki5fAv6It3eYwAiG5RPQyk8prpYQKB6efMG8sxJ7kFanbmcI9mWBhtyIJHj8S02OCpsAOXRL4MaCMwBjxKEaTxMkXm5cX158uV1IRc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab41d8bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP 142.250.74.131:0
Hash f98c01e8b2f68b1458c37243693f8624
17c569a1155c74c1937ddaf8bf628e95216bebf6
099cbadf59a8255956f0c3f9a185a5726ef18400313457fbf005bf6a754d939f
POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:31:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:31:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:31:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:31:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alia-iso.com/zcredirect?visitid=c3ac2d70-a067-11ed-b4ee-1276e2d1a233&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
52.7.54.238200 OK 46 kB URL HTTP/2 alia-iso.com/zcredirect?visitid=c3ac2d70-a067-11ed-b4ee-1276e2d1a233&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 52.7.54.238:0
Hash a7cac558e48dfec1a09241ff44e70d68
79c11a417c7553ac310de5b4d59e95a23562f50d
2ac795846221c00ba232add057a53667e347fd43cbe322918d9bb5b4aef1af4f
GET /zcredirect?visitid=c3ac2d70-a067-11ed-b4ee-1276e2d1a233&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcvisitor/c3ac2d70-a067-11ed-b4ee-1276e2d1a233/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:45 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: ozuiImsl
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/DE10/n.php?cep=Ae8fqvcdGgf_McvU99xjL-SyBPhjWo4b23ebBznZqj9qt2KvDvNkjlCpLaWva02AhC8CZbIF9sRhDdwv_YhVHCaI5OyGjnEMxj7p4T-pgXDTIjKs-IvLNFCWfmerBB7ttJzUzbuv38twK7ig6wUsb4txYPD8GlygY8YwMJrWXl0rdgoI_5Mu7lD3fiLmSzGZLdIsNjx9qb5C-2U0i9q4cx6BoiK0iIfnx7uHwz3zi1X8hNhTh8ozC3GUWCdH2vkLMu0q1go-3jpEWFurDQ_QsU4CCIWNP6lPVfRJbUS8Yc3troe0ZbqfBPu_fOIKzWUyWLlxWjKZk8bRm0QmYWU-U-v2ULDPQU-CssgUae-Al1jQ242Acxu9_2FA89Urfq4L1obs7Y5T22OnVOCM_7DS2Mm4pDhtsaicZkDnqTdi18U&lptoken=16d175df06d421100899&external_id=36197-742739971&source=16295&sum=
172.67.71.67200 OK 1.6 kB URL HTTP/2 mycasualhookups.com/sl/html/DE10/n.php?cep=Ae8fqvcdGgf_McvU99xjL-SyBPhjWo4b23ebBznZqj9qt2KvDvNkjlCpLaWva02AhC8CZbIF9sRhDdwv_YhVHCaI5OyGjnEMxj7p4T-pgXDTIjKs-IvLNFCWfmerBB7ttJzUzbuv38twK7ig6wUsb4txYPD8GlygY8YwMJrWXl0rdgoI_5Mu7lD3fiLmSzGZLdIsNjx9qb5C-2U0i9q4cx6BoiK0iIfnx7uHwz3zi1X8hNhTh8ozC3GUWCdH2vkLMu0q1go-3jpEWFurDQ_QsU4CCIWNP6lPVfRJbUS8Yc3troe0ZbqfBPu_fOIKzWUyWLlxWjKZk8bRm0QmYWU-U-v2ULDPQU-CssgUae-Al1jQ242Acxu9_2FA89Urfq4L1obs7Y5T22OnVOCM_7DS2Mm4pDhtsaicZkDnqTdi18U&lptoken=16d175df06d421100899&external_id=36197-742739971&source=16295&sum=
IP 172.67.71.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4058), with no line terminators
Hash a08d070aa44a188adaaa249a884c1304
2220deb43b4d0501d483f1233b2bc332715da0e4
11196ae995ba5dbca99ecc776c45e78666105b1610ccede602b8349febfa332c
GET /sl/html/DE10/n.php?cep=Ae8fqvcdGgf_McvU99xjL-SyBPhjWo4b23ebBznZqj9qt2KvDvNkjlCpLaWva02AhC8CZbIF9sRhDdwv_YhVHCaI5OyGjnEMxj7p4T-pgXDTIjKs-IvLNFCWfmerBB7ttJzUzbuv38twK7ig6wUsb4txYPD8GlygY8YwMJrWXl0rdgoI_5Mu7lD3fiLmSzGZLdIsNjx9qb5C-2U0i9q4cx6BoiK0iIfnx7uHwz3zi1X8hNhTh8ozC3GUWCdH2vkLMu0q1go-3jpEWFurDQ_QsU4CCIWNP6lPVfRJbUS8Yc3troe0ZbqfBPu_fOIKzWUyWLlxWjKZk8bRm0QmYWU-U-v2ULDPQU-CssgUae-Al1jQ242Acxu9_2FA89Urfq4L1obs7Y5T22OnVOCM_7DS2Mm4pDhtsaicZkDnqTdi18U&lptoken=16d175df06d421100899&external_id=36197-742739971&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Mon, 30 Jan 2023 06:36:48 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn3sA1Q5%2BZSd4iI%2FSr1vvSf%2FpCbYoYrX5OynR3QsGdnVJ4RdIWxfLjNK5f98yJKhQR%2BUHVzbgaXHktCwX6Se7yI31HKu2V216NmLUasY0EtcF3oN1xQaa4aPdKQ%2FBOQkXSxqO%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab069a6b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
172.64.163.28204 No Content 0 B URL HTTP/2 subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 06:31:50 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw%2Fh7Mp%2Fd1oTZyY%2B0t3oWtYRVOXaG%2BBjzbiIaaVT1UO%2FEmS%2FRTKEDkKiaPtw%2Fvj%2BxGzMecjHYbXSHu6f4UczxdXHeN388KHxMtIpGml8iw%2FCndKyLr2EHwtEHBC8Z4PTnFZmWvPSG23l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab92b71bc93-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
172.64.163.28200 OK 5 B URL HTTP/2 subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP 172.64.163.28:0
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/DE10/n.php?cep=Ae8fqvcdGgf_McvU99xjL-SyBPhjWo4b23ebBznZqj9qt2KvDvNkjlCpLaWva02AhC8CZbIF9sRhDdwv_YhVHCaI5OyGjnEMxj7p4T-pgXDTIjKs-IvLNFCWfmerBB7ttJzUzbuv38twK7ig6wUsb4txYPD8GlygY8YwMJrWXl0rdgoI_5Mu7lD3fiLmSzGZLdIsNjx9qb5C-2U0i9q4cx6BoiK0iIfnx7uHwz3zi1X8hNhTh8ozC3GUWCdH2vkLMu0q1go-3jpEWFurDQ_QsU4CCIWNP6lPVfRJbUS8Yc3troe0ZbqfBPu_fOIKzWUyWLlxWjKZk8bRm0QmYWU-U-v2ULDPQU-CssgUae-Al1jQ242Acxu9_2FA89Urfq4L1obs7Y5T22OnVOCM_7DS2Mm4pDhtsaicZkDnqTdi18U&lptoken=16d175df06d421100899&external_id=36197-742739971&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:50 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvDMkgUNzRMIBWU6pBJtu%2B8FNT5j11Gdv49KUgxbZ2sh6B%2FTjvaIKjr56QS%2BED%2Be7mGtjWz10%2BRLzA855obNkUdibTD4oG0YTlsnWeuWyKtigXP8%2BARBIUuajrh2mBwpwbSg9bK9CwVc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182aba1bc4bc93-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.71.67200 OK 1.1 kB URL HTTP/2 mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.71.67:0
Hash cba0fd975718c31a75f2c80747b66fee
806df8fd1c0c5762049d9d0cb5b9654ba8688d0b
e56078d0b64dd055353a187ed849e8475a38f5a7dac3920a5072117169ecb2d2
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/privacy-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yl6LfKjv3RLNTdHZzFSc0A0bS2gz1iE9DyMGxjhtf5EaNDX52ebAEopLSfjKXh50zY5tkciBS1lX520xQXXvOFen5G7paotS%2BwHy0pOBR6X3FDCwLOFCdHhYA8ZCNOyQjlkHrh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79182ab8e9fcb4e8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 01 Feb 2023 06:31:49 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
cdnjam.com/cdn/sdialog.min.css?_=4
104.21.58.242200 OK 1.8 kB URL HTTP/2 cdnjam.com/cdn/sdialog.min.css?_=4
IP 104.21.58.242:0
File type ASCII text, with very long lines (6775)
Hash 6b6efb56212b5724e911b471b6e1aac2
cac871e69f1a1cd7de404a400545585409eb792c
0f9bd7b1b5f8a6d323fe2d74f236fb75062326cc5648cbc3711d81c9bf5db872
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:51 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4231
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F%2BpQ7K7%2FYkd7Bzwn86fbaTuaza1Qa6222zn%2FhAVPG683MDAFtt%2FGlm471ZS8e3I1m1rLwYBjBmeHNi%2B5%2FBR8H9BDJpGKVwNA48puhWHWUWo8rgIqUWCBcT7wCS9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ac29f6cb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/DE10/js/custom.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/DE10/js/custom.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/DE10/js/custom.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=130977
expires: Mon, 30 Jan 2023 17:50:15 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 45693
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PERapp2m1BaKSed2qxuAoqT8TlMt%2BduADGCBmRLc%2B0WEQzQ2hGEaKJeh9gRE8HIwfvzHWgEIQobCMJ%2BWMCxFwwUIy8kfcs2ElxdnUbggfO3b1qUtHEk%2Fm1STZWgV9j8oYiI7Sa0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab41d86b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/DE10/js/langs.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/DE10/js/langs.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/DE10/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=36979
expires: Mon, 30 Jan 2023 17:50:15 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 45693
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTOSetvB1OcTqK2AaEfLqWi51D9ceyV0Na%2BHsL84KoQpjO7%2FZc7IpOwFpohWWD3jePpDznrYmfBUYLbppmq0sGXWlQjsef4i5FYJoDzcsXI0ROwxOJGt8TjKVPfAHinEISE66rc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab42d8eb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.api-push.com/get-keys
172.64.163.28200 OK 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.163.28:0
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/DE10/n.php?cep=Ae8fqvcdGgf_McvU99xjL-SyBPhjWo4b23ebBznZqj9qt2KvDvNkjlCpLaWva02AhC8CZbIF9sRhDdwv_YhVHCaI5OyGjnEMxj7p4T-pgXDTIjKs-IvLNFCWfmerBB7ttJzUzbuv38twK7ig6wUsb4txYPD8GlygY8YwMJrWXl0rdgoI_5Mu7lD3fiLmSzGZLdIsNjx9qb5C-2U0i9q4cx6BoiK0iIfnx7uHwz3zi1X8hNhTh8ozC3GUWCdH2vkLMu0q1go-3jpEWFurDQ_QsU4CCIWNP6lPVfRJbUS8Yc3troe0ZbqfBPu_fOIKzWUyWLlxWjKZk8bRm0QmYWU-U-v2ULDPQU-CssgUae-Al1jQ242Acxu9_2FA89Urfq4L1obs7Y5T22OnVOCM_7DS2Mm4pDhtsaicZkDnqTdi18U&lptoken=16d175df06d421100899&external_id=36197-742739971&source=16295&sum=#p#
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qe7inrpJhpx6sEb46D3QBe4kOD%2FbhVbFMsLjztNCvSL5Ujb5hyGavoJVnne1YyAaC1zWWuYkBINSo6CHWFmDUfB1ntsRZ6Hp9AwlYk1P0Tw%2BTvCuPRS124bBObxw7AbOgjEm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab76abcbc93-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/unsubscribe.html
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/unsubscribe.html
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/unsubscribe.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:50 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Mon, 30 Jan 2023 06:36:50 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YC%2BT1oAsi3bBjnBDUZoSXkBxbzHnpVDqWdLRlTkWFDD9vS1vtQrgRHwg76%2FH%2Ff7xxTvMVl%2BIdLYyztQGWQyMKs6c4qAePMp%2BA03PXv55O37NUgmfm73PecwmdgbIslS1S8%2FKgAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab7a8b6b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/DE10/images/bg.html
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/DE10/images/bg.html
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/DE10/images/bg.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/html/DE10/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:50 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Mon, 30 Jan 2023 06:36:50 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyYllH1cAYQreORMVpkMoPcayxHcy5g0mKPDFiJvmX1Bwu2CjE9fPcQCxSEfeZ3JoM0aioGlRCd%2BtXz1QUBwkppxD%2B7buVQ8VN%2FeVLt5WKd%2BSf7JaKMTxB2y8mKACV9Hsmnhb8U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab798abb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 30 Jan 2023 06:53:56 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 85073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmjWMWTI89Gnd1tb%2FucSc%2F73Grpf5OSo5S3RYo8UmxsvyRXJp6x3INITx4xZTAqL%2BtGznpZocZdGOSrhsj5U7xKl7wT%2BFhCkh7HZ1tir3zfzEPiDjU4TQ%2BMQZFlJbAZFgmjn7T0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab41d8cb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/favicon.ico
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/favicon.ico
IP 172.67.71.67:0
GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:50 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 10705788
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIP6kayl2nJxkuhhfAnDyN2cm4MHO8Oq9xLMLEfI62PBBwCLo%2FjnipuuvtnQUXUxB6RAc3CUkgWZMQUP5arA5OJUTdbJCcq5mghIuAZMjlB1sUKzFvhTUhJmC%2FPlGxQoHFSOYM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79182aba1ae3b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
alia-iso.com/zcvisitor/c3ac2d70-a067-11ed-b4ee-1276e2d1a233/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
52.7.54.238200 OK 0 B URL HTTP/2 alia-iso.com/zcvisitor/c3ac2d70-a067-11ed-b4ee-1276e2d1a233/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51
IP 52.7.54.238:0
GET /zcvisitor/c3ac2d70-a067-11ed-b4ee-1276e2d1a233/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=0ac23400-6636-11ed-9d73-128084d1ce51 HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://6e5.hp1001.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:45 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: QrgGxauM
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/common-langs.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/common-langs.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Mon, 30 Jan 2023 06:53:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 85073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmOeLcA5M4A2t2L6r28YZWCFHI6htnM18NirfEsnPMWRSavHWHGgN2%2FZ61M12SwpHLWNIXorhth13S39fToXataOjJWKeH5rj%2FmaBBnc2Sp%2FVy4DUGKdMIs4GZtzTJEp1jGc9OQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab42d93b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/css/style.css?1675060308
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/css/style.css?1675060308
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/css/style.css?1675060308 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Tue, 31 Jan 2023 06:31:49 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUK2JJWZo1HKfZqhImUtFjijger659xwAX%2BkvYV%2B3iO%2B6FGIAoYHSlHCDiiGZCaYNm%2BMMGdyKGmvMoSTnnkoM2zA76ge%2FTTlJI76VqezN%2FwXjqddPBOfwuNI0VHKGkwe6vnrJ1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab41d88b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/main.js?1675060308
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/main.js?1675060308
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/main.js?1675060308 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Tue, 31 Jan 2023 06:31:49 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHY22q720NCRfFyrSBtoW6ST8k1WxrkPqeObuY1CbfQvDKliBaN9y8hP64HcuG4NWVRiDslB4FfyG1snzI26mTukvRzVY1aP0KrQ6thf5LuUgo91ed6LrsmiH4kziPFcwZEsmFQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab42d95b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/DE10/images/03.jpg
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/DE10/images/03.jpg
IP 172.67.71.67:0
GET /sl/html/DE10/images/03.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: image/jpeg
content-length: 58287
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 30 Jan 2023 21:18:10 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 33219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JR99EIJQWyBMNjgX3QTI9HO1sKTm2pkHivdaRaI67O4wqWO2mIE95S8e26CaVF6S8JGVR27fhKVzI4am20rFzSUW7GYYspnmCq1J7t0Mgu3B%2F2YeMYTktiAiW%2BDLwMdE4Df8j8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79182ab42d98b4e8-OSL
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/DE10/js/config.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/DE10/js/config.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/DE10/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:31:49 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=704
expires: Mon, 30 Jan 2023 17:50:15 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:26:07 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 45693
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maXBrpEqUXrvpmphMn9cQd%2F4PhDN6uCqDM5xTlmfeaOmSlANq%2FvSb5LNGa4Jyo5brdML46Z%2Bq%2BbPRqXtiNVL%2Fogy2efuP7frHUWIrpJIA8%2BfC4WIrQDQ0O2XBrtIi9cfx7A1AVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79182ab42d91b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2